Senior Application Security Architect

Required Experience: 

• This position requires a strong knowledge of application security architecture and software development, with a focus on automation, integrating security within the CI/CD pipeline, and DevOps toolchain
• Strong understanding of Application Security Verification Standard (ASVS), OWASP Top Ten, and other best practices
• Familiarity with attestation process
• Understanding of Integrated Development Environment (IDE) and Continuous Integration / Continuous Delivery (CI/CD) Pipeline tools and processes (e.g. Azure DevOps, Jenkins, Bamboo, etc.)
• Strong working knowledge of Secure Software Development
  • Understanding of automated security testing approaches and tools
  • Experience in building and operating security within CI/CD pipelines
  • Experience with proactive integration of security into the development process
• Experience with public cloud infrastructure (AWS or Azure) and cloud security fundamentals including container-based technologies, infrastructure as code, Git-based source control repositories, pipelines, and common open source toolsets
• Experience in software engineering and software development, including Web applications and technologies
• Experience with automation templates to build security-as-code using terraform, ansible, salt, chef, etc. 
• Excellent written and verbal communication skills

Preferred Experience: 

• Knowledge of secure coding practices and the ability to conduct security assessments and analysis 
• Experience with application security scanning and testing tools (Checkmarx, Contrast, Veracode, Netsparker, and similar)
• Knowledge of threat modeling and risk assessment techniques
• AWS Certifications

Educational & Professional Credentials:

• Bachelor’s degree in a relevant discipline or equivalent experience
• 8+ years of application security engineering/architecture experience