We are looking for an Application Security Architect to join the Product Security team and be responsible for the overall security of our products and services. The successful candidate will be responsible for contributing to our Cloud/On-prem strategic security program.
The candidate will be reporting to the Director of Product Security.
Responsibilities
Work to obtain the right mandate to ensure new products or services are launched with the appropriate security controls
Provide security standards, requirements, and guidelines for securing the products.
Take a part in the development lifecycle and integration of security features into all phases of software design and development
Assist with reviewing architecture and design for new products, features, and services.
Identify and facilitate remediation of application and cloud security exposures and vulnerabilities, including code reviews.
Conduct cloud security strategy, readiness, and discovery assessments; be familiar with cloud security frameworks, compliance requirements, and security operations
Research new application security tools and technologies and evaluate options that enhance security capabilities
Work closely with different interfaces in the company, mainly R&D and Product, to enhance application security on all layers.
The candidate will be reporting to the Director of Product Security.
Responsibilities
Work to obtain the right mandate to ensure new products or services are launched with the appropriate security controls
Provide security standards, requirements, and guidelines for securing the products.
Take a part in the development lifecycle and integration of security features into all phases of software design and development
Assist with reviewing architecture and design for new products, features, and services.
Identify and facilitate remediation of application and cloud security exposures and vulnerabilities, including code reviews.
Conduct cloud security strategy, readiness, and discovery assessments; be familiar with cloud security frameworks, compliance requirements, and security operations
Research new application security tools and technologies and evaluate options that enhance security capabilities
Work closely with different interfaces in the company, mainly R&D and Product, to enhance application security on all layers.
Requirements:
5+ years of experience in Application Security / Cloud Security within R&D
Experience in Cloud technologies and SaaS environments
Thorough understanding of cyber security frameworks, such as NIST CSF, CIS CSC
Deep knowledge in web & application security, familiar with OWASP frameworks, solutions, and initiatives
knowledge And experience in Cloud Native Application (K8s, AWS , Azure)
Great verbal and written communication skills
Coordinate, participate, and deliver risk assessments and threat modeling for given\new designs and architectures
Technical experience in network security technologies or security operations with a proven ability to engage and drive product and engineering priorities
Work with the business to identify, capture, escalate, and close security vulnerabilities found in our products
Advantages
CISSP, CISM, CCSP, OSCP is an advantage
knowledge in security solutions such as Web application firewalls, DB Firewalls, Vulnerability scanners, and RASP/DAST/SAST solutions
knowledge of CI tools/methodologies
Technical background as a SW developer, malware reverser, or penetration testing.
5+ years of experience in Application Security / Cloud Security within R&D
Experience in Cloud technologies and SaaS environments
Thorough understanding of cyber security frameworks, such as NIST CSF, CIS CSC
Deep knowledge in web & application security, familiar with OWASP frameworks, solutions, and initiatives
knowledge And experience in Cloud Native Application (K8s, AWS , Azure)
Great verbal and written communication skills
Coordinate, participate, and deliver risk assessments and threat modeling for given\new designs and architectures
Technical experience in network security technologies or security operations with a proven ability to engage and drive product and engineering priorities
Work with the business to identify, capture, escalate, and close security vulnerabilities found in our products
Advantages
CISSP, CISM, CCSP, OSCP is an advantage
knowledge in security solutions such as Web application firewalls, DB Firewalls, Vulnerability scanners, and RASP/DAST/SAST solutions
knowledge of CI tools/methodologies
Technical background as a SW developer, malware reverser, or penetration testing.
This position is open to all candidates.
