Cyber Security Architect/Code Reviewer

Description

As an Application Security Architect, you will be an important part of a team that helps customers secure their systems and applications. You will work closely with R&D teams to identify security flaws, conduct security reviews, recommend mitigations, and determine risk levels. 

What You'll Be Doing:

• Perform threat modeling, reviewing design and architecture, and taking steps to address any discovered security vulnerabilities. 
• Work closely with Product, R&D and DevOps teams to define high-level and detailed security requirements for various features.
• Review code with R&D teams to identify potential security vulnerabilities, both manually and through automated means.
• Perform reviews & write professional reports with explanations about findings and mitigations.
•  Provide guidance and recommendations on secure development (SSDLC).

Requirements

• 2+ years of hands-on experience in application security, with a deep understanding of the Secure Software Development Life Cycle (SDLC) process.
• Solid understanding of application security vulnerabilities (e.g. OWASP and the OWASP top 10, NIST, SANS, etc.) and countermeasures to reduce related risks.
• 2+ years of prior programming experience.
• Experience performing application architecture reviews, design reviews, and threat modeling.
• Experience reviewing application code to identify security vulnerabilities.
• Good knowledge of secure coding best practices and the ability to guide R&D teams on writing secure code.
• Strong English verbal, reading, and writing skills for clear communication with technical and non-technical audiences.
• Ability to work in a dynamic environment with tight timelines.
• A confident and enthusiastic team player with excellent people skills and the ability to work independently when needed.

Bonus Qualifications:

• Security certifications like CEH, OSCP.
• Practical experience implementing a Secure Software Development Life Cycle (SDLC).

Nice to Have