Application Security Architect

Summary Data has never been more valuable and vulnerable. As cybercriminals become more sophisticated and regulations more strict, organizations struggle to answer one key question: “Is my data safe?  At Varonis, we see the world of cybersecurity differently. Instead of chasing threats, we believe the most practical approach is protecting data from the inside out. We’ve built the industry’s first fully autonomous Data Security Platform to help our customers dramatically reduce risk with minimal human effort.  At Varonis, we move fast. We’re an ultra-collaborative company with brilliant people who care deeply about the details. Together, we’re solving interesting and complex puzzles to keep the world’s data safe.We work in a flexible, hybrid model, so you can choose the home-office balance that works best for you.We are looking for an Application Security Architect to join the Product Security team and be responsible for the overall security of Varonis’ products and services. The successful candidate will be responsible for contributing to our Cloud/On-prem strategic security program.The candidate will be reporting to the Director of Product Security.Responsibilities

• Work to obtain the right mandate to ensure new Varonis products or services are launched with the appropriate security controls
• Provide security standards, requirements, and guidelines for securing the products.
• Take a part in the  development lifecycle and integration of security features into all phases of software design and development
• Assist with reviewing architecture and design for new products, features, and services.
• Identify and facilitate remediation of application and cloud security exposures and vulnerabilities, including code reviews.
• Conduct cloud security strategy, readiness, and discovery assessments; be familiar with cloud security frameworks, compliance requirements, and security operations
• Research new application security tools and technologies and evaluate options that enhance security capabilities
• Work closely with different interfaces in the company, mainly R&D and Product, to enhance application security on all layers

Requirements

• 5+ years of experience in Application Security / Cloud Security within R&D
• Experience in Cloud technologies and SaaS environments
• Thorough understanding of cyber security frameworks, such as NIST CSF, CIS CSC
• Deep knowledge in web & application security, familiar with OWASP frameworks, solutions, and initiatives
• knowledge And experience in Cloud Native Application (K8s, AWS , Azure)
• Great verbal and written communication skills
• Coordinate, participate, and deliver risk assessments and threat modeling for given\new designs and architectures
• Technical experience in network security technologies or security operations with a proven ability to engage and drive product and engineering priorities
• Work with the business to identify, capture, escalate, and close security vulnerabilities found in Varonis products

Advantages 

• CISSP, CISM, CCSP, OSCP is an advantage
• knowledge in security solutions such as Web application firewalls, DB Firewalls, Vulnerability scanners, and RASP/DAST/SAST solutions
• knowledge of CI tools/methodologies
• Technical background as a SW developer, malware reverser, or penetration testing

Interfaces:

• Partner with key product & solutions development leaders to ensure security is incorporated in all customer-facing product offerings.
• Build solid relationships with business stakeholders to maintain and improve product and application security processes.
• Partner with architecture and development leaders to develop shared software frameworks to enable consistent application of secure coding best practices across the enterprise.
• Research latest security best practices, staying current on new vulnerabilities and threats, and ensure these are addressed in Varonis’ products and services.

We invite you to check out our Instagram Page to gain further insight into the Varonis culture!@VaronisLife 


Varonis is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, and other legally protected characteristics.#LI-Hybrid