This Job Vacancy has Expired!

Application Security Architect/Manager

Posted on Aug 24, 2019 by Request Technology - Craig Johnson

Chicago, IL 60601
Immediate Start
$150k - $180k Annual

Prestigious Fortune 500 Company is currently seeking an Application Security Architect/Manager. Candidate will have a strong background in application security, deep understanding of secure coding practices, code scanning tools, best practices, SDLC, CI/CD pipeline, and DevOps. Candidate will help build this function into a formally recognized service; partnered heavily with development and fully representing the security organization. As a leader, specific lead experience should be present as well analytics, reporting, and analysis of current application portfolio security posture, coding practices, common root cause, cross-training expertise, and distinct knowledge of what constitutes an effective application security program.


  • Strong Technical Leadership or hands-on management over an Application Security program
  • Strong experience in application development (Java EE, Python, web APIs, C++/C#, .Net, and/or Linux Scripting)
  • Strong experience with Application Security and Application Penetration Testing
  • Strong understanding of a variety of application development architectures, platforms, methodologies, and supporting operating systems
  • Strong understanding of web hosting platforms and web services (AWS preferred).
  • Working knowledge of remediation methods (OWASP Top 10 at a minimum)
  • Understanding of enterprise computing environments, distributed applications, and container technology (Docker preferred)
  • Exceptional interpersonal and communication skills
  • Familiarity or experience with CI/CD
  • Any of the following certifications are desired: GWAPT, GWEB, OSCP, CISSP, CSSLP, or similar advanced security certification


  • Conduct tests to evaluate and demonstrate the impact of software misconfiguration and vulnerabilities on in-house applications
  • Model attacker behavior and help teams evaluate their resilience to known attack methodologies
  • Provide expert level security consultation to project teams, application owners, and general technology teams on relevant security controls and Secure-SDLC process requirements
  • Build & Monitor systems that ensure application security policies, coding standards and required security controls are being followed and appropriately mitigating threats
  • Assist with required security education initiatives and foster a security-conscious culture within AppDev teams
  • Develop, Enhance, and Participate, as needed, in security portion of Secure-SDLC
  • Analyze and provide remediation guidance for identified vulnerabilities; validate and verify remediation implementation
  • Participate and lead Information Security projects to expand AppSec capabilities
  • App Security/Pen testing background Application development that progressed to a Security role will be considered, and Cloud and container experience is essential.

Reference: 748746073

Set up alerts to get notified of new vacancies.