We are looking for an Application Security Architect to join our R&D team to drive security best practices across all of our R&D and DevOps operations and be responsible for defining our application security strategy.
Responsibilities:
Verify security is deeply embedded into our processes, tools and platforms.
Define and execute security automation best practices and processes.
Set out the application security strategy and framework, based on recognized application security architecture frameworks, standards and best practice design principles.
Work with our DevOps team in order to integrate security tools into the DevOps pipeline.
Work closely with our R&D team on all SDLC levels, including the Integration of security tools/standards/processes, performing security design reviews and threat modeling, while acting as a security mentor for developers.
Define and execute work plans to mitigate security risks and design secure architectures in diverse environments.
Lead investigation processes for security related abnormal activities in our production environment
Review and assess complex environments, discover security gaps and define policies and mitigations to be deployed in.
Lead and execute secure code reviews related processes.
Own training and awareness processes around secure coding best practices and develop a strong security culture.
Requirements: Strong background in secure application architecture design and threat modeling.
Significant experience in automating security controls and implementing security in the SDLC and as part of the CI/CD.
Understanding of the cybersecurity ecosystem, including deep understanding of the threat landscape in terms of the tools, tactics, and techniques of attacks.
Deep knowledge of public cloud environments and technologies (preferably, AWS).
Understanding of system, networking and security fundamentals.
Experience in working with software development groups and development executives.
Project management capabilities.
Excellent English verbal and written communication skills.
Advanced multi-tasking and prioritization skills.
Advantages:
Knowledge of commodity languages such as Python, Javascript, Go
Good scripting skills
Experience in vulnerability management
Experience with ethical hacking and vulnerability management reporting
Experience working in a global B2B company
Previous experience in consulting, Project Management and/or Product Management
Relevant certificates - AWS, SANS, Offensive Security, etc.
המשרה מיועדת לנשים ולגברים כאחד.