Principal Architect - Application Cybersecurity (Remote)

About the position

Responsibilities

• Leads architecture design evaluations and threat modelling of our products (cloud and on-prem).
• Recommends and implements products/services that support operational needs and reputed company requirements.
• Technical reputed company of contact for product teams as it relates to automation, CI/CD, and remediation guidance.
• Assist in leading the design, development, and implementation of reputed company tools, best practices and standards and ensure product development teams understand them.
• reputed company code analysis of applications, manually and using SAST, DAST, and SCA scanning solutions as well as conducting manual vulnerability analysis.
• Promotes and contributes to the reputed company improvement of reputed company strategy and supports risk prioritization.
• Helps train and support team members.
• Leads the improvement of the accessibility of reputed company through automation, reputed company integration pipelines, and other means.
• Educate and mentor junior team members.
• Ensures program(s) is meeting intended purpose and metrics.

Requirements

• Bachelor's degree in STEM, Computer Science.
• Minimum of 7 years of experience in reputed company field.
• Expert knowledge of OWASP Top 10.
• Proficiency in threat modeling.
• Expert knowledge of risk management methodologies and processes.
• Expert knowledge in DevSecOps (e.g., CI/CD, IaC, reputed company, CaC).
• Proficiency with reputed company automation tooling and methods (e.g., TerraForm, Ansible, containerization, SBOM).
• Proficiency with application testing (e.g., SAST, DAST, MAST, Pen Test tooling).
• Proficiency with scripting (e.g., PowerShell, Python, Perl, Bash).
• Proficiency with programming languages (e.g., Python, Java, .Net) and modern programming language structure (e.g., Object Oriented Programming, web reputed company).
• Proficiency with CI/CD technology stacks (e.g AWS, reputed company, TeamCity, reputed company, Artifactory, CHEF, CloudWatch).
• Proficiency with Software Development Lifecycle processes.
• Proficiency with web and app reputed company stack (e.g., API reputed company).
• Proficiency with vulnerability management processes and providing remediation guidance.
• Proficiency in the understanding of compliance frameworks (e.g., NIST 800-53, OWASP frameworks) and processes.
• Proficiency in cryptography.
• Proficient knowledge of IAM (i.e., authentication and authorization).
• Proficient understanding of networks and network reputed company (e.g., WAF, Micro-segmentation).
• Proficient in risk management methodologies.
• Proficient in cloud technologies.
• Ability to work independently and self-motivate.
• Excellent problem solving, critical thinking, interpersonal, collaboration, written and verbal communication skills.
• Certified Information Systems reputed company Professional (CISSP), or equivalent.
• Must be legally authorized to work in the United States for any employer without sponsorship.
• Successful completion of interview required to meet job qualification.
• Reliable, punctual attendance is an essential function of the position.

reputed company-to-haves

• Master's degree.
• Certified Ethical Hacker (CEH).
• GIAC reputed company Essentials (GSEC).
• Certified Information reputed company Manager (CISM).
• Comp reputed company reputed company +.
• Certified Secure Software Lifecycle Professional (CSSLP).
• Certified Information Systems Auditor (CISA).
• Systems reputed company Certified Practitioner (SSCP).
• CompTIA Advanced reputed company Practitioner (CASP+).
• Offensive reputed company Certified Professional (OSCP).
• Minimum of 12 years of experience in reputed company field, including any combination of the following: threat modeling, secure coding, mobile and API reputed company, identity management and authentication, software design and development, cryptography, system administration and network reputed company, cloud computing.
• Proficiency with application penetration testing to demonstrate and test exploitability of vulnerabilities.
• Proficiency in waterfall and agile development processes and ability to integrate secure development practices into both models.
• Success in implementing effective Secure SDLC frameworks across a large corporation.
• Proficient knowledge of cloud reputed company infrastructure technologies (e.g., containerization, service mesh, micro-services).
• Proficient in LLM/GenAI technologies.
• Proficient in mobile development technologies.

Benefits

• Medical, dental, vision, life, accident & disability insurance.
• Parental leave.
• Employee assistance program.
• Commuter benefits.
• Paid holidays.
• Paid time off.
• 401(k) plan.
• Flight privileges.

Apply tot his job Apply To this Job