Application Security Architect - Remote
San Diego, California, United States - Remote
Full Time Senior-level / Expert USD 150K - 200K
EVOTEK, Inc.
Elevate your business's technology landscape with EVOTEK. As industry leaders, we offer innovative IT solutions and strategic insights.
Join EVOTEK: North America’s Premier Digital Business Enabler
As North America's premier enabler of secure digital business, we integrate cutting-edge technical expertise across data center, network, security, cloud, and communications domains. By delivering cohesive digital solutions, we help businesses drive measurable impact and accelerate their transformation.
Our award-winning culture is the cornerstone of everything we do. Recognized multiple times by Inc. Magazine as a "Best Place to Work", we’re proud to create an environment where innovation and collaboration thrive. Locally, we’ve been honored by The San Diego Business Journal as a "Best Place to Work" more than seven times, and our excellence is reflected in accolades like CRN's "Solution Provider 500", "Tech Elite 250", and "Top 150 Growth Companies". We’ve also earned a spot among CRN’s "Triple Crown" award winners.
If you’re ready to be part of a team that values innovation, culture, and business impact, EVOTEK is the place for you.
The Application Security Architect ensures that company applications and services are secured and implemented with the best security practices. The main goal of the AppSec Architect is to protect applications from security attacks by developing, inserting, and testing security components that make the application more secure. The ideal candidate will support application security reviews, threat modeling, and perform application security vulnerability management.
Requirements
- Perform secure program testing, review, and/or assessment to identify potential flaws in code and mitigate vulnerabilities.
- Coordinate with product, engineering, and other departments to support secure outcomes, while building out the product security knowledge base.
- Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change.
- Exposure to various application security testing tools and common offerings for application security testing and analysis.
- Experience with Continuous Integration/Continuous Deployment (CI/CD) processes and concepts using relevant technologies and tools.
- Responsible for designing and evaluating application security in all phases of the application life cycle.
- Apply coding and testing standards, apply security testing tools, and conduct code reviews.
- Determine and document software patches or the extent of releases that would leave software vulnerable.
- Ability to triage, reproduce, and recommend remediations for vulnerabilities.
- Translate security requirements into application design elements including documenting the elements of the software attack surfaces, conducting threat modeling, and defining any specific security criteria.
- Identify basic common coding flaws at an elevated level while consulting with engineering staff to evaluate the interface between hardware and software.
- Develop a threat model based on customer interviews and requirements and consult with customers about software system design and maintenance.
- Effectively communicate security threats to non-technical stakeholders.
- Apply secure code documentation while improving practices and maintenance.
Qualifications include:
- Understanding of different compliance frameworks and their implications in building secure software.
- Ability to identify solutions for common security problems while participating in a broader agile Application Security team.
- Effective understanding of security industry best practices such as protocols, cryptography, authentication, authorization, and secure application programming.
- Comprehensive understanding of software development lifecycle models as well as secure coding techniques.
- Proficiency in the use of application security testing tools (e.g., SAST, DAST, SCA, IAST, WAF).
- Strong written and verbal communication skills to both technical and non-technical personnel.
- A mix of relevant certifications in key areas would be helpful (but not required): CSSLP, CISSP, CASE.
Benefits
- Salary commensurate with years of experience, technical expertise and geographic location.
- Salary range: $150,000 to $200,000.
- Performance bonuses.
- Benefits package that includes 100% paid medical, dental and vision for the employee.
- 401(k) with employer match.
- Strong company culture.
- Flexible PTO policy.
- Flexible working arrangements.
- Annual company overnight retreat.
Tags: Agile Application security CI/CD CISSP Cloud Compliance Cryptography CSSLP DAST IAST Product security Risk analysis SAST SDLC Vulnerabilities Vulnerability management
Perks/benefits: 401(k) matching Flex hours Flex vacation Health care Medical leave Salary bonus Team events