Software Security Architect

Overview

Come join a creative engineering team at Esri focused on designing and developing the next generation of solutions for securing ArcGIS applications and services. We’re looking for a smart, leadership focused security architect to join our Software Security & Privacy team to help push the boundaries of security while putting their mark on next-gen Esri software. Join our talented team and help secure new and exciting products that run on browsers, enterprise class servers, cloud SaaS/PaaS, desktops, and mobile. 

Responsibilities

• Lead advancing Esri’s security design & development patterns in alignment with BSIMM, NIST SSDF, and OWASP standards
• Facilitate identifying root cause and strategic solutions to software security issues
• Collaborate with other developers, engineers, and product managers throughout the development process
• Learn Esri’s ArcGIS Products & participate in training opportunities
• Assist Esri’s compliance efforts spanning FedRAMP, ISO 27001, HIPAA, CJIS, and GDPR
• Guide the development of cross-product security applications and libraries
• Facilitate optimization of our secure development CICD workflows and associated guidance for development teams
• Research and provide security guidance for new/evolving technologies such as cloud-services or Artificial Intelligence in alignment with Zero-Trust practices

Requirements

• 12+ years of professional experience in a similar position
• Experience implementing web AuthN/AuthZ methodologies such as SAML, OIDC, OAuth
• Knowledge of web service protocols including such as REST, SOAP, XML, JSON
• Knowledge of AWS and Azure security services, concepts, and configurations
• Knowledge of Secure development frameworks, OWASP, CVEs, CWEs
• Knowledge of software security component and static analysis
• Experience with multiple programming and scripting languages such as Python, PowerShell, Bash, JavaScript, Typescript, Java, C++, C#, Rust, Go, Ruby, Scala and more
• Experience with CI/CD tools and workflows (Jenkins, GitHub Actions, and more)
• Excellent written & verbal communication skills and willingness to work with diverse teams
• Bachelor’s in Computer Science, Cybersecurity, Engineering or related field

Recommended Qualifications

• Secure application development experience
• Direct experience implementing/securing VM and Container based solutions
• Knowledge of ArcGIS Products
• Experience designing and implementing secure web APIs
• Experience generating SBOM (Software Bill of Materials)
• Experience managing patches and updates to security tools
• Working knowledge of Git
• Post-graduate education or IT industry security certifications

#LI-DK1

#LI-Remote

Total Rewards

Esri’s competitive total rewards strategy includes industry-leading health and welfare benefits: medical, dental, vision, basic and supplemental life insurance for employees (and their families), 401(k) and profit-sharing programs, minimum accrual of 80 hours of vacation leave, twelve paid holidays throughout the calendar year, and opportunities for personal and professional growth. Base salary is one component of our total rewards strategy. Compensation decisions and the base range for this role take into account many factors including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs.

A reasonable estimate of the base salary range is$162,240—$281,216 USD

The Company

At Esri, diversity is more than just a word on a map. When employees of different experiences, perspectives, backgrounds, and cultures come together, we are more innovative and ultimately a better place to work. We believe in having a diverse workforce that is unified under our mission of creating positive global change. We understand that diversity, equity, and inclusion is not a destination but an ongoing process. We are committed to the continuation of learning, growing, and changing our workplace so every employee can contribute to their life’s best work. Our commitment to these principles extends to the global communities we serve by creating positive change with GIS technology. For more information on Esri’s Racial Equity and Social Justice initiatives, please visit our website here.

If you don’t meet all of the preferred qualifications for this position, we encourage you to still apply!

Esri is an equal opportunity employer (EOE) and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law. If you need reasonable accommodation for any part of the employment process, please email askcareers@esri.com and let us know the nature of your request and your contact information. Please note that only those inquiries concerning a request for reasonable accommodation will be responded to from this e-mail address.

Esri Privacy Esri takes our responsibility to protect your privacy seriously. We are committed to respecting your privacy by providing transparency in how we acquire and use your information, giving you control of your information and preferences, and holding ourselves to the highest national and international standards, including CCPA and GDPR compliance.