Application Security Architect

Nerdio's growing security team seeks an Application Security Architect to help us enhance the security of our cutting-edge applications. Partnering closely with our engineering and product teams, you will play a vital role in applying your security expertise throughout the software development lifecycle. The architect will be a key contributor to evolving the Application Security program from inception.

What You'll Do

• Establish and continuously improve the AppSec program’s strategy, processes, and tooling.
• Collaborate with engineers to integrate security best practices into design reviews, threat modeling, code reviews, and penetration testing.
• Participate in secure code review and penetration testing efforts, honing your skills with hands-on experience under the guidance of senior team members.
• Contribute to deep-dive security reviews of our web, mobile, and API products to ensure they adhere to secure design principles.
• Participate in security training and share your learnings with the broader engineering team to foster a culture of security awareness.
• Assist in incident response to gain valuable real-world experience and help protect Nerdio's systems and data.
• Gain exposure to SAST/DAST tools and risk assessment, building a foundation for future growth.
• Mentor junior members of the AppSec team to support their professional growth and skill development.

What we are looking for

• 10+ years of experience in application security or a related field, with a passion for learning and growing your skillset.
• Someone who has led the initial inception of the Application Security program from the ground up.
• A solid understanding of security fundamentals and common vulnerabilities (e.g., XSS, CSRF, SQL Injection).
• A knack for identifying potential risks and collaborating with engineers to find effective solutions.
• The ability to effectively communicate security concepts to both technical and non-technical audiences.

Preferred Qualifications 

• Familiarity with one or more programming languages (C#, React, JavaScript and REST APIs, to aide in code review and vulnerability analysis. 
• Actively engaged in the security community through participation in B-sides conferences, OWASP chapter activities, and regular contributions to GitLab repositories, fostering continuous learning and collaboration.

Benefits and Incentives

• Competitive Base and Incentive Plan
• Stock Options
• Health and Welfare Plans*
• Life and Disability Plans*
• Retirement Plan*
• Unlimited Flexible Paid Time Off, including your birthday off!
• Collaborative Team Culture

* Benefits for international employees, outside the US, vary by country. 

Nerdio is committed to a diverse and inclusive workplace. Nerdio is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.