Full-Time

Application Security Architect

Posted on 7/19/2023

Veeva Systems

Veeva Systems

5,001-10,000 employees

Cloud solutions for life sciences sector

Senior, Expert

Oxford, UK

Required Skills
Microsoft Azure
Python
JavaScript
Communications
Java
AWS
iOS/Swift
Android Development
Requirements
  • Understanding of the OWASP Top 10 application security risks and how to address them
  • Working knowledge of the Microsoft Security Development Lifecycle (SDL), OWASP Software Assurance Maturity Model (SAMM), or Building Security in Maturity Model (BSIMM)
  • Working knowledge of Amazon AWS, Microsoft Azure, or other cloud computing platform offerings and security-related services
  • Integration of security tools through API's, webhook, or other custom integration
  • Hands-on experience with encryption, hashing, secure random number generation, key derivation, key management, digital signatures, etc. in one or more major development languages
  • Core understanding of web application security scanning software and related penetration testing tools such as SAST/DAST/IAST/SCA
  • Deep understanding of service-oriented architecture, building internet-scale, distributed, and critical services
  • Extensive knowledge of Java and the Java Ecosystem
  • Proficiency in Python, JavaScript, and other scripting languages
  • Experience with architecture and security reviews, threat modeling applications, and identifying areas of risk
  • Experience implementing strategies to support secure and compliant architectures
  • Knowledge of network architectures, topologies, and concepts (Firewalls, LB, WAF, CDN, VPC, ACL, TLS, SSH, and DNS)
  • Excellent written and verbal communication
  • Ability to scale by evangelizing your work to leadership and engineers including writing requirements and solid technical guides
  • Familiar with compliance regulations like; PCI, GDPR, SOC2, SOX
  • An affinity and experience with an automation and development-based approach to security
  • Ability to collaborate with multi-functional teams located in different time zones to drive fixes and alignment to established policies
  • BS in Computer Science or Equivalent with 10+ years of experience
Responsibilities
  • Build strong relationships and effectively influence product engineering
  • Translate security risks to business impact
  • Architects, prioritizes, coordinates, and communicates the choice of security technologies necessary to ensure a highly secure yet usable computing environment
  • Provide security architecture and advice in support of application development, infrastructure, and enterprise technology projects
  • Perform code analysis, application security reviews, and develop an application security training program
  • Stay current with security technologies and make recommendations for use based on business value
  • Maintain expert knowledge in the field of Information Security and the related issues, systems, processes, products, and services
  • Provide training and mentoring to clients and consulting resources
Desired Qualifications
  • MS in Cyber Security, Information Security, MIS, or equivalent
  • Knowledge of the MITRE ATT&CK Framework
  • Industry security certifications such as CISSP, CEH, or others
  • Experience in conducting social engineering-focused assessments
  • Experience in CTF competitions, CVE research, and/or Bug Bounty recognition
  • Experience in Web and Mobile (Android/iOS) based application/service assessment
  • Experience in Wireless and Network assessment in enterprise infrastructure
  • Experience in reverse engineering and associated tooling such as IDA
  • Knowledge of fuzzing, memory corruption, and exploit development
  • Knowledge about hardware hacking

Veeva Systems offers industry cloud solutions for the life sciences sector, providing technologies such as Vault Clinical Data Management, Vault EDC, Vault Coder, Vault Clinical Operations, Vault RIM Suite, Vault Quality Suite, Vault Safety Suite, Veeva Medical Suite, Veeva Data Cloud, and Veeva Commercial Cloud to support critical functions from R&D through commercialization. These technologies aim to streamline quality processes, manage clinical data, and improve regulatory compliance for life sciences companies.

Company Stage

IPO

Total Funding

$224M

Headquarters

Pleasanton, California

Founded

2007

Growth & Insights
Headcount

6 month growth

3%

1 year growth

9%

2 year growth

34%

Benefits

Parental leave

PTO

Free food

Health, dental, & vision insurance

Gym membership reimbursement

INACTIVE