Senior Application Security Architect
Required Experience:
This position requires a strong knowledge of application security architecture and software development, with a focus on automation, integrating security within the CI/CD pipeline, and DevOps toolchain
Strong understanding of Application Security Verification Standard (ASVS), OWASP Top Ten, and other best practices
Familiarity with attestation process
Understanding of Integrated Development Environment (IDE) and Continuous Integration / Continuous Delivery (CI/CD) Pipeline tools and processes (e.g. Azure DevOps, Jenkins, Bamboo, etc.)
Strong working knowledge of Secure Software Development
Understanding of automated security testing approaches and tools
Experience in building and operating security within CI/CD pipelines
Experience with proactive integration of security into the development process
Experience with public cloud infrastructure (AWS or Azure) and cloud security fundamentals including container-based technologies, infrastructure as code, Git-based source control repositories, pipelines, and common open source toolsets
Experience in software engineering and software development, including Web applications and technologies
Experience with automation templates to build security-as-code using terraform, ansible, salt, chef, etc.
Excellent written and verbal communication skills
Preferred Experience:
Knowledge of secure coding practices and the ability to conduct security assessments and analysis
Experience with application security scanning and testing tools (Checkmarx, Contrast, Veracode, Netsparker, and similar)
Knowledge of threat modeling and risk assessment techniques
AWS Certifications
Educational & Professional Credentials:
Bachelor’s degree in a relevant discipline or equivalent experience
3-5 years of security engineering or software development experience
Senior Application Security Architect
Required Experience:
This position requires a strong knowledge of application security architecture and software development, with a focus on automation, integrating security within the CI/CD pipeline, and DevOps toolchain
Strong understanding of Application Security Verification Standard (ASVS), OWASP Top Ten, and other best practices
Familiarity with attestation process
Understanding of Integrated Development Environment (IDE) and Continuous Integration / Continuous Delivery (CI/CD) Pipeline tools and processes (e.g. Azure DevOps, Jenkins, Bamboo, etc.)
Strong working knowledge of Secure Software Development
Understanding of automated security testing approaches and tools
Experience in building and operating security within CI/CD pipelines
Experience with proactive integration of security into the development process
Experience with public cloud infrastructure (AWS or Azure) and cloud security fundamentals including container-based technologies, infrastructure as code, Git-based source control repositories, pipelines, and common open source toolsets
Experience in software engineering and software development, including Web applications and technologies
Experience with automation templates to build security-as-code using terraform, ansible, salt, chef, etc.
Excellent written and verbal communication skills
Preferred Experience:
Knowledge of secure coding practices and the ability to conduct security assessments and analysis
Experience with application security scanning and testing tools (Checkmarx, Contrast, Veracode, Netsparker, and similar)
Knowledge of threat modeling and risk assessment techniques
AWS Certifications
Educational & Professional Credentials:
Bachelor’s degree in a relevant discipline or equivalent experience
3-5 years of security engineering or software development experience