Facebook pixel

Application Security Architect
Confirmed live in the last 24 hours
Locations
Oxford, UK
Experience Level
Entry
Junior
Mid
Senior
Expert
Desired Skills
Android Development
AWS
iOS/Swift
JavaScript
Java
Microsoft Azure
Python
Communications
Requirements
  • Understanding of the OWASP Top 10 application security risks and how to address them
  • Working knowledge of the Microsoft Security Development Lifecycle (SDL), OWASP Software Assurance Maturity Model (SAMM), or Building Security in Maturity Model (BSIMM)
  • Working knowledge of Amazon AWS, Microsoft Azure, or other cloud computing platform offerings and security-related services
  • Integration of security tools through API's, webhook, or other custom integration
  • Hands-on experience with encryption, hashing, secure random number generation, key derivation, key management, digital signatures, etc. in one or more major development languages
  • Core understanding of web application security scanning software and related penetration testing tools such as SAST/DAST/IAST/SCA
  • Deep understanding of service-oriented architecture, building internet-scale, distributed, and critical services
  • Extensive knowledge of Java and the Java Ecosystem
  • Proficiency in Python, JavaScript, and other scripting languages
  • Experience with architecture and security reviews, threat modeling applications, and identifying areas of risk
  • Experience implementing strategies to support secure and compliant architectures
  • Knowledge of network architectures, topologies, and concepts (Firewalls, LB, WAF, CDN, VPC, ACL, TLS, SSH, and DNS)
  • Excellent written and verbal communication
  • Ability to scale by evangelizing your work to leadership and engineers including writing requirements and solid technical guides
  • Familiar with compliance regulations like; PCI, GDPR, SOC2, SOX
  • An affinity and experience with an automation and development-based approach to security
  • Ability to collaborate with multi-functional teams located in different time zones to drive fixes and alignment to established policies
  • BS in Computer Science or Equivalent with 10+ years of experience
Responsibilities
  • Build strong relationships and effectively influence product engineering
  • Translate security risks to business impact
  • Architects, prioritizes, coordinates, and communicates the choice of security technologies necessary to ensure a highly secure yet usable computing environment
  • Provide security architecture and advice in support of application development, infrastructure, and enterprise technology projects
  • Perform code analysis, application security reviews, and develop an application security training program
  • Stay current with security technologies and make recommendations for use based on business value
  • Maintain expert knowledge in the field of Information Security and the related issues, systems, processes, products, and services
  • Provide training and mentoring to clients and consulting resources
Desired Qualifications
  • MS in Cyber Security, Information Security, MIS, or equivalent
  • Knowledge of the MITRE ATT&CK Framework
  • Industry security certifications such as CISSP, CEH, or others
  • Experience in conducting social engineering-focused assessments
  • Experience in CTF competitions, CVE research, and/or Bug Bounty recognition
  • Experience in Web and Mobile (Android/iOS) based application/service assessment
  • Experience in Wireless and Network assessment in enterprise infrastructure
  • Experience in reverse engineering and associated tooling such as IDA
  • Knowledge of fuzzing, memory corruption, and exploit development
  • Knowledge about hardware hacking
Veeva Systems

1,001-5,000 employees

Cloud computing services for pharmaceutical companies.
Company Overview
Veep's mission is to help R&D, quality, and regulatory teams eliminate inefficiencies and bring high-quality, safe, sustainable products to market without compromising quality. The company builds cloud-based tools for pharmaceutical research.
Benefits
  • Parental leave
  • PTO
  • Free food
  • Health, dental, & vision insurance
  • Gym membership reimbursement
Company Core Values
  • Do the Right Thing
  • Customer Success
  • Employee Success
  • Speed