We are looking for a highly skilled Product Security Architect to join our team at our company. This role is pivotal in ensuring the security of our applications from inception to production and beyond. The ideal candidate will have a solid development background that has evolved into security expertise, enabling them to work closely with development teams to implement security best practices and develop protection mechanisms.
In this role, you will be responsible for:
Partner with all our company's development teams to establish and govern security practices from the outset of development to production.
Conduct application security assessments, including architecture design reviews and threat modeling.
Act as a security advisor to cross-functional teams, including product, engineering, and others, to support secure software development.
Design, build, and implement advanced application security solutions.
Lead security audits, vulnerability assessments, and code reviews.
Develop and share software security guidelines, including training materials, secure coding checklists, best practices, and reusable code.
Ensure ongoing compliance with security policies and procedures in support of regulatory requirements.
Elevate security awareness across the SSDLC, defining tailored training roadmaps as needed.
Manage and review security issues in products, analyzing severity and risk, and recommending remediation steps.
Establish, manage, and lead a VDP/Bug Bounty program.
In this role, you will be responsible for:
Partner with all our company's development teams to establish and govern security practices from the outset of development to production.
Conduct application security assessments, including architecture design reviews and threat modeling.
Act as a security advisor to cross-functional teams, including product, engineering, and others, to support secure software development.
Design, build, and implement advanced application security solutions.
Lead security audits, vulnerability assessments, and code reviews.
Develop and share software security guidelines, including training materials, secure coding checklists, best practices, and reusable code.
Ensure ongoing compliance with security policies and procedures in support of regulatory requirements.
Elevate security awareness across the SSDLC, defining tailored training roadmaps as needed.
Manage and review security issues in products, analyzing severity and risk, and recommending remediation steps.
Establish, manage, and lead a VDP/Bug Bounty program.
Requirements:
Minimum of 3 years of security architectural experience, including threat modeling and design reviews of complex products Must
Experience in SaaS application development (2+ years) Optional
Development expertise in one of the following: .NET or JavaScript
In-depth knowledge of end-to-end security architectural considerations.
Proven ability to establish and manage security policies, acting as the central security contact for all S-SDLC tasks, challenges, and requirements.
Strong understanding of the OWASP Top 10 application security risks and the ability to address them.
Experience with cloud-native infrastructure architecture (e.g., containers, Kubernetes).
Solid knowledge of Cloud Security Architecture, particularly with AWS and Azure.
Proficient in microservice architecture, web technologies, and APIs.
Excellent communication skills, with the ability to effectively convey information to both technical and non-technical stakeholders, from developers to senior management.
Hands-on experience with at least two application security tools, such as SAST, API Security, DAST, WAF. – Must.
Minimum of 3 years of security architectural experience, including threat modeling and design reviews of complex products Must
Experience in SaaS application development (2+ years) Optional
Development expertise in one of the following: .NET or JavaScript
In-depth knowledge of end-to-end security architectural considerations.
Proven ability to establish and manage security policies, acting as the central security contact for all S-SDLC tasks, challenges, and requirements.
Strong understanding of the OWASP Top 10 application security risks and the ability to address them.
Experience with cloud-native infrastructure architecture (e.g., containers, Kubernetes).
Solid knowledge of Cloud Security Architecture, particularly with AWS and Azure.
Proficient in microservice architecture, web technologies, and APIs.
Excellent communication skills, with the ability to effectively convey information to both technical and non-technical stakeholders, from developers to senior management.
Hands-on experience with at least two application security tools, such as SAST, API Security, DAST, WAF. – Must.
This position is open to all candidates.
