Application Security Architect
Posted on Sep 27, 2024 by SAS
Cary, NC
Health & Safety
Immediate Start
Annual Salary
Full-Time
:
Application Security Architect- Remote or Hybrid
Nice to meet you!
We’re a leader in data and AI. Through our software and services, we inspire customers around the world to transform data into intelligence - and questions into answers.
We’re also a debt-free multi-billion-dollar organization on our path to IPO-readiness. If you're looking for a dynamic, fulfilling career coupled with flexibility and world-class employee experience, you'll find it here.
About the job
The Product Security team in our R&D division is looking for an Application Security Architect to contribute to software security design efforts across all of Research and Development. Successful candidates will solve complex technical problems, work closely with engineering teams, and communicate clearly and effectively with technical audiences. This position requires a diverse set of skills in application security, software development, and systems architecture. Your success will depend on your cooperative skills in working with R&D architecture and engineering teams across SAS.
As an Application Security Architect, you will:
Work in active partnership with development teams in identifying and building solutions to secure code and the implementation of application vulnerability scanning and penetration testing.
Review application architecture, identify security gaps, and help improve the security posture of business-critical multi-tier applications in legacy, hybrid cloud, and public cloud environments with refactoring and promotions between the environments.
Perform periodic secure design and coding assessments to diagnose, triage, and propose remediations for vulnerabilities and weaknesses in code and applications, considering code, design, and deployment.
Use standard tools and secure architecture methodologies to evaluate design trade-offs for developing updated architectures. Work with Product Management to ensure changes are consistent with business objectives and customer requirements.
Manage risk identification and risk mitigation strategies associated with product architectures.
Contributes documentation, developer guidance, repositories with examples of best practices in secure coding and secure design patterns.
Identify, train, and partner with champions for security in engineering and product teams
Support security champions by helping them assess risk, learn to identify architectural gaps, and similar activities
Coach and train teams in topics related to security architecture, threat modeling, and secure coding.
Collaborate with other teams within security to identify new tools and processes to integrate into the Security software development lifecycle
Provides technical guidance on methodologies, frameworks, and best practices to developers.
Reports on the posture of the organization’s security initiatives and makes strategic recommendations to improve security maturity.
Ensures all applicable security policies and processes are followed to support the organization’s secure software development goals.
Required qualifications
Bachelor's degree with major study in Data Communications, Electrical Engineering, or Computer Science.
5+ years of secure software development, secure system architecture and design, or related experience.
Demonstrated knowledge in securing enterprise web applications and familiarity with OWASP Top 10, CVSS, CWE and SANS-25.
An equivalent combination of related education, training and experience may be considered in place of the above qualifications.
You’re curious, passionate, authentic and accountable. These are our and influence everything we do.
Preferred qualifications
2+ years of experience in developing or adopting software security best practices
Experience with Azure (preferred), AWS, GCP, Oracle, or IBM.
Maintain at least one active professional certification: CISSP, CSSLP, CEH, CCSP, OSCP or other Application Security certification.
Experience with Software Security tools, such as: Veracode, Snyk, Black Duck, Prisma, MetasploitSonarQube.
Experience with Web Application Security Tools, such as: ZAP, Wfuzz, Grabber, Burp, Vega, W3af.
Knowledge of and experience with auditing, implementing, and supporting DevSecOps.
Experience with Unix and Windows scripting language
World-Class Benefits
Highlights include...
Comprehensive medical, prescription, dental and vision plans.
Medical plan options include...PPO with low annual deductible and copays.
HDHP combined with a health savings account with a contribution from SAS (no access to on-site health care center).
Onsite Health Care Center (HQ) that’s free to employees and family members enrolled in the PPO plan. There's a pharmacy too! Not local to HQ? The pharmacy will ship prescriptions for no additional charge!
An industry-leading 401k plan.
Generous time away including vacation time, a variety of paid holidays, and our much-loved U.S. Winter Wellness Break between December 25 and January 1.
Volunteer Time Off, parental leave and unlimited paid sick days.
Generous childcare benefits for all full-time employees.
Diverse and Inclusive
At SAS, it’s not about fitting into our culture – it’s about adding to it. We believe our people make the difference. Our diverse workforce brings together unique talents and inspires teams to create amazing software that reflects the diversity of our users and customers. Our commitment to diversity is a priority to our leadership, all the way up to the top; and it’s essential to who we are. To put it plainly: you are welcome here.
Additional Information:
To qualify, applicants must be legally authorized to work in the United States, and should not require, now or in the future, sponsorship for employment visa status. SAS is an equal opportunity/Affirmative Action employer. All qualified applicants are considered for employment without regard to race, color, religion, gender, sexual orientation, gender identity, age, national origin, disability status, protected veteran status or any other characteristic protected by law. Read more: . Also view the notice.
Resumes may be considered in the order they are received. SAS employees performing certain job functions may require access to technology or software subject to export or import regulations. To comply with these regulations, SAS may obtain nationality or citizenship information from applicants for employment. SAS collects this information solely for trade law compliance purposes and does not use it to discriminate unfairly in the hiring process.
SAS only sends emails from verified “(url removed)” email addresses and never asks for sensitive, personal information or money. If you have any doubts about the authenticity of any type of communication from, or on behalf of SAS, please contact
#SAS #LI-WR1 #LI-Remote #applicationsecurity
Application Security Architect- Remote or Hybrid
Nice to meet you!
We’re a leader in data and AI. Through our software and services, we inspire customers around the world to transform data into intelligence - and questions into answers.
We’re also a debt-free multi-billion-dollar organization on our path to IPO-readiness. If you're looking for a dynamic, fulfilling career coupled with flexibility and world-class employee experience, you'll find it here.
About the job
The Product Security team in our R&D division is looking for an Application Security Architect to contribute to software security design efforts across all of Research and Development. Successful candidates will solve complex technical problems, work closely with engineering teams, and communicate clearly and effectively with technical audiences. This position requires a diverse set of skills in application security, software development, and systems architecture. Your success will depend on your cooperative skills in working with R&D architecture and engineering teams across SAS.
As an Application Security Architect, you will:
Work in active partnership with development teams in identifying and building solutions to secure code and the implementation of application vulnerability scanning and penetration testing.
Review application architecture, identify security gaps, and help improve the security posture of business-critical multi-tier applications in legacy, hybrid cloud, and public cloud environments with refactoring and promotions between the environments.
Perform periodic secure design and coding assessments to diagnose, triage, and propose remediations for vulnerabilities and weaknesses in code and applications, considering code, design, and deployment.
Use standard tools and secure architecture methodologies to evaluate design trade-offs for developing updated architectures. Work with Product Management to ensure changes are consistent with business objectives and customer requirements.
Manage risk identification and risk mitigation strategies associated with product architectures.
Contributes documentation, developer guidance, repositories with examples of best practices in secure coding and secure design patterns.
Identify, train, and partner with champions for security in engineering and product teams
Support security champions by helping them assess risk, learn to identify architectural gaps, and similar activities
Coach and train teams in topics related to security architecture, threat modeling, and secure coding.
Collaborate with other teams within security to identify new tools and processes to integrate into the Security software development lifecycle
Provides technical guidance on methodologies, frameworks, and best practices to developers.
Reports on the posture of the organization’s security initiatives and makes strategic recommendations to improve security maturity.
Ensures all applicable security policies and processes are followed to support the organization’s secure software development goals.
Required qualifications
Bachelor's degree with major study in Data Communications, Electrical Engineering, or Computer Science.
5+ years of secure software development, secure system architecture and design, or related experience.
Demonstrated knowledge in securing enterprise web applications and familiarity with OWASP Top 10, CVSS, CWE and SANS-25.
An equivalent combination of related education, training and experience may be considered in place of the above qualifications.
You’re curious, passionate, authentic and accountable. These are our and influence everything we do.
Preferred qualifications
2+ years of experience in developing or adopting software security best practices
Experience with Azure (preferred), AWS, GCP, Oracle, or IBM.
Maintain at least one active professional certification: CISSP, CSSLP, CEH, CCSP, OSCP or other Application Security certification.
Experience with Software Security tools, such as: Veracode, Snyk, Black Duck, Prisma, MetasploitSonarQube.
Experience with Web Application Security Tools, such as: ZAP, Wfuzz, Grabber, Burp, Vega, W3af.
Knowledge of and experience with auditing, implementing, and supporting DevSecOps.
Experience with Unix and Windows scripting language
World-Class Benefits
Highlights include...
Comprehensive medical, prescription, dental and vision plans.
Medical plan options include...PPO with low annual deductible and copays.
HDHP combined with a health savings account with a contribution from SAS (no access to on-site health care center).
Onsite Health Care Center (HQ) that’s free to employees and family members enrolled in the PPO plan. There's a pharmacy too! Not local to HQ? The pharmacy will ship prescriptions for no additional charge!
An industry-leading 401k plan.
Generous time away including vacation time, a variety of paid holidays, and our much-loved U.S. Winter Wellness Break between December 25 and January 1.
Volunteer Time Off, parental leave and unlimited paid sick days.
Generous childcare benefits for all full-time employees.
Diverse and Inclusive
At SAS, it’s not about fitting into our culture – it’s about adding to it. We believe our people make the difference. Our diverse workforce brings together unique talents and inspires teams to create amazing software that reflects the diversity of our users and customers. Our commitment to diversity is a priority to our leadership, all the way up to the top; and it’s essential to who we are. To put it plainly: you are welcome here.
Additional Information:
To qualify, applicants must be legally authorized to work in the United States, and should not require, now or in the future, sponsorship for employment visa status. SAS is an equal opportunity/Affirmative Action employer. All qualified applicants are considered for employment without regard to race, color, religion, gender, sexual orientation, gender identity, age, national origin, disability status, protected veteran status or any other characteristic protected by law. Read more: . Also view the notice.
Resumes may be considered in the order they are received. SAS employees performing certain job functions may require access to technology or software subject to export or import regulations. To comply with these regulations, SAS may obtain nationality or citizenship information from applicants for employment. SAS collects this information solely for trade law compliance purposes and does not use it to discriminate unfairly in the hiring process.
SAS only sends emails from verified “(url removed)” email addresses and never asks for sensitive, personal information or money. If you have any doubts about the authenticity of any type of communication from, or on behalf of SAS, please contact
#SAS #LI-WR1 #LI-Remote #applicationsecurity
Reference: 202595281
https://jobs.careeraddict.com/post/95624527
Application Security Architect
Posted on Sep 27, 2024 by SAS
Cary, NC
Health & Safety
Immediate Start
Annual Salary
Full-Time
:
Application Security Architect- Remote or Hybrid
Nice to meet you!
We’re a leader in data and AI. Through our software and services, we inspire customers around the world to transform data into intelligence - and questions into answers.
We’re also a debt-free multi-billion-dollar organization on our path to IPO-readiness. If you're looking for a dynamic, fulfilling career coupled with flexibility and world-class employee experience, you'll find it here.
About the job
The Product Security team in our R&D division is looking for an Application Security Architect to contribute to software security design efforts across all of Research and Development. Successful candidates will solve complex technical problems, work closely with engineering teams, and communicate clearly and effectively with technical audiences. This position requires a diverse set of skills in application security, software development, and systems architecture. Your success will depend on your cooperative skills in working with R&D architecture and engineering teams across SAS.
As an Application Security Architect, you will:
Work in active partnership with development teams in identifying and building solutions to secure code and the implementation of application vulnerability scanning and penetration testing.
Review application architecture, identify security gaps, and help improve the security posture of business-critical multi-tier applications in legacy, hybrid cloud, and public cloud environments with refactoring and promotions between the environments.
Perform periodic secure design and coding assessments to diagnose, triage, and propose remediations for vulnerabilities and weaknesses in code and applications, considering code, design, and deployment.
Use standard tools and secure architecture methodologies to evaluate design trade-offs for developing updated architectures. Work with Product Management to ensure changes are consistent with business objectives and customer requirements.
Manage risk identification and risk mitigation strategies associated with product architectures.
Contributes documentation, developer guidance, repositories with examples of best practices in secure coding and secure design patterns.
Identify, train, and partner with champions for security in engineering and product teams
Support security champions by helping them assess risk, learn to identify architectural gaps, and similar activities
Coach and train teams in topics related to security architecture, threat modeling, and secure coding.
Collaborate with other teams within security to identify new tools and processes to integrate into the Security software development lifecycle
Provides technical guidance on methodologies, frameworks, and best practices to developers.
Reports on the posture of the organization’s security initiatives and makes strategic recommendations to improve security maturity.
Ensures all applicable security policies and processes are followed to support the organization’s secure software development goals.
Required qualifications
Bachelor's degree with major study in Data Communications, Electrical Engineering, or Computer Science.
5+ years of secure software development, secure system architecture and design, or related experience.
Demonstrated knowledge in securing enterprise web applications and familiarity with OWASP Top 10, CVSS, CWE and SANS-25.
An equivalent combination of related education, training and experience may be considered in place of the above qualifications.
You’re curious, passionate, authentic and accountable. These are our and influence everything we do.
Preferred qualifications
2+ years of experience in developing or adopting software security best practices
Experience with Azure (preferred), AWS, GCP, Oracle, or IBM.
Maintain at least one active professional certification: CISSP, CSSLP, CEH, CCSP, OSCP or other Application Security certification.
Experience with Software Security tools, such as: Veracode, Snyk, Black Duck, Prisma, MetasploitSonarQube.
Experience with Web Application Security Tools, such as: ZAP, Wfuzz, Grabber, Burp, Vega, W3af.
Knowledge of and experience with auditing, implementing, and supporting DevSecOps.
Experience with Unix and Windows scripting language
World-Class Benefits
Highlights include...
Comprehensive medical, prescription, dental and vision plans.
Medical plan options include...PPO with low annual deductible and copays.
HDHP combined with a health savings account with a contribution from SAS (no access to on-site health care center).
Onsite Health Care Center (HQ) that’s free to employees and family members enrolled in the PPO plan. There's a pharmacy too! Not local to HQ? The pharmacy will ship prescriptions for no additional charge!
An industry-leading 401k plan.
Generous time away including vacation time, a variety of paid holidays, and our much-loved U.S. Winter Wellness Break between December 25 and January 1.
Volunteer Time Off, parental leave and unlimited paid sick days.
Generous childcare benefits for all full-time employees.
Diverse and Inclusive
At SAS, it’s not about fitting into our culture – it’s about adding to it. We believe our people make the difference. Our diverse workforce brings together unique talents and inspires teams to create amazing software that reflects the diversity of our users and customers. Our commitment to diversity is a priority to our leadership, all the way up to the top; and it’s essential to who we are. To put it plainly: you are welcome here.
Additional Information:
To qualify, applicants must be legally authorized to work in the United States, and should not require, now or in the future, sponsorship for employment visa status. SAS is an equal opportunity/Affirmative Action employer. All qualified applicants are considered for employment without regard to race, color, religion, gender, sexual orientation, gender identity, age, national origin, disability status, protected veteran status or any other characteristic protected by law. Read more: . Also view the notice.
Resumes may be considered in the order they are received. SAS employees performing certain job functions may require access to technology or software subject to export or import regulations. To comply with these regulations, SAS may obtain nationality or citizenship information from applicants for employment. SAS collects this information solely for trade law compliance purposes and does not use it to discriminate unfairly in the hiring process.
SAS only sends emails from verified “(url removed)” email addresses and never asks for sensitive, personal information or money. If you have any doubts about the authenticity of any type of communication from, or on behalf of SAS, please contact
#SAS #LI-WR1 #LI-Remote #applicationsecurity
Application Security Architect- Remote or Hybrid
Nice to meet you!
We’re a leader in data and AI. Through our software and services, we inspire customers around the world to transform data into intelligence - and questions into answers.
We’re also a debt-free multi-billion-dollar organization on our path to IPO-readiness. If you're looking for a dynamic, fulfilling career coupled with flexibility and world-class employee experience, you'll find it here.
About the job
The Product Security team in our R&D division is looking for an Application Security Architect to contribute to software security design efforts across all of Research and Development. Successful candidates will solve complex technical problems, work closely with engineering teams, and communicate clearly and effectively with technical audiences. This position requires a diverse set of skills in application security, software development, and systems architecture. Your success will depend on your cooperative skills in working with R&D architecture and engineering teams across SAS.
As an Application Security Architect, you will:
Work in active partnership with development teams in identifying and building solutions to secure code and the implementation of application vulnerability scanning and penetration testing.
Review application architecture, identify security gaps, and help improve the security posture of business-critical multi-tier applications in legacy, hybrid cloud, and public cloud environments with refactoring and promotions between the environments.
Perform periodic secure design and coding assessments to diagnose, triage, and propose remediations for vulnerabilities and weaknesses in code and applications, considering code, design, and deployment.
Use standard tools and secure architecture methodologies to evaluate design trade-offs for developing updated architectures. Work with Product Management to ensure changes are consistent with business objectives and customer requirements.
Manage risk identification and risk mitigation strategies associated with product architectures.
Contributes documentation, developer guidance, repositories with examples of best practices in secure coding and secure design patterns.
Identify, train, and partner with champions for security in engineering and product teams
Support security champions by helping them assess risk, learn to identify architectural gaps, and similar activities
Coach and train teams in topics related to security architecture, threat modeling, and secure coding.
Collaborate with other teams within security to identify new tools and processes to integrate into the Security software development lifecycle
Provides technical guidance on methodologies, frameworks, and best practices to developers.
Reports on the posture of the organization’s security initiatives and makes strategic recommendations to improve security maturity.
Ensures all applicable security policies and processes are followed to support the organization’s secure software development goals.
Required qualifications
Bachelor's degree with major study in Data Communications, Electrical Engineering, or Computer Science.
5+ years of secure software development, secure system architecture and design, or related experience.
Demonstrated knowledge in securing enterprise web applications and familiarity with OWASP Top 10, CVSS, CWE and SANS-25.
An equivalent combination of related education, training and experience may be considered in place of the above qualifications.
You’re curious, passionate, authentic and accountable. These are our and influence everything we do.
Preferred qualifications
2+ years of experience in developing or adopting software security best practices
Experience with Azure (preferred), AWS, GCP, Oracle, or IBM.
Maintain at least one active professional certification: CISSP, CSSLP, CEH, CCSP, OSCP or other Application Security certification.
Experience with Software Security tools, such as: Veracode, Snyk, Black Duck, Prisma, MetasploitSonarQube.
Experience with Web Application Security Tools, such as: ZAP, Wfuzz, Grabber, Burp, Vega, W3af.
Knowledge of and experience with auditing, implementing, and supporting DevSecOps.
Experience with Unix and Windows scripting language
World-Class Benefits
Highlights include...
Comprehensive medical, prescription, dental and vision plans.
Medical plan options include...PPO with low annual deductible and copays.
HDHP combined with a health savings account with a contribution from SAS (no access to on-site health care center).
Onsite Health Care Center (HQ) that’s free to employees and family members enrolled in the PPO plan. There's a pharmacy too! Not local to HQ? The pharmacy will ship prescriptions for no additional charge!
An industry-leading 401k plan.
Generous time away including vacation time, a variety of paid holidays, and our much-loved U.S. Winter Wellness Break between December 25 and January 1.
Volunteer Time Off, parental leave and unlimited paid sick days.
Generous childcare benefits for all full-time employees.
Diverse and Inclusive
At SAS, it’s not about fitting into our culture – it’s about adding to it. We believe our people make the difference. Our diverse workforce brings together unique talents and inspires teams to create amazing software that reflects the diversity of our users and customers. Our commitment to diversity is a priority to our leadership, all the way up to the top; and it’s essential to who we are. To put it plainly: you are welcome here.
Additional Information:
To qualify, applicants must be legally authorized to work in the United States, and should not require, now or in the future, sponsorship for employment visa status. SAS is an equal opportunity/Affirmative Action employer. All qualified applicants are considered for employment without regard to race, color, religion, gender, sexual orientation, gender identity, age, national origin, disability status, protected veteran status or any other characteristic protected by law. Read more: . Also view the notice.
Resumes may be considered in the order they are received. SAS employees performing certain job functions may require access to technology or software subject to export or import regulations. To comply with these regulations, SAS may obtain nationality or citizenship information from applicants for employment. SAS collects this information solely for trade law compliance purposes and does not use it to discriminate unfairly in the hiring process.
SAS only sends emails from verified “(url removed)” email addresses and never asks for sensitive, personal information or money. If you have any doubts about the authenticity of any type of communication from, or on behalf of SAS, please contact
#SAS #LI-WR1 #LI-Remote #applicationsecurity
Reference: 202595281
Share this job:
Alert me to jobs like this:
Amplify your job search:
Expert career advice
Increase interview chances with our downloads and specialist services.
Visit Blog