The point where experts and best companies meet
Share
Lead Cloud Application Security Architect
In the role of Lead Cloud Application Security Architect for Forge Performance Plus product , you will join a growing Product Security team providing expertise in secure software, requirements, and architecture throughout all phases of the product lifecycle. The Lead Cloud Application Security Architect will report to the Senior Cyber Manager and will drive security baselines, processes, solutions, and risk reduction across a growing line of core product areas; providing mentorship to team members.
KEY RESPONSIBILITIES
Drive secure product development using existing standards and practices, staying abreast of emerging threats, security practices, and technologies in the cloud
Influence decision-makers and stakeholders, improve secure coding practices, security requirements, and design
Regularly participate in PI Planning and Scrum Meetings to ensure that security is at the forefront of development and product management mind
Provide product security assessment reports to the Senior Management, Development Managers and Product Managers on a regular basis
Drive secure engagement and architecture including threat modeling, vulnerability and risk assessment, analysis of findings from penetration tests, and tools (e.g., SAST, SCA, Container vulnerability scans)
Drive incident response investigation, ensure coordination for remediation plan and execution
Scope and drive security testing of products, perform results assessments, and assist in remediation strategies with engineering
Mentor and coach engineering and security architects in secure SDLC practices, train and engage security advocates
YOU MUST HAVE
Bachelor’s degree
8+ years of experience of application security architecture for any public cloud such as AWS, Azure, GCP
5+ years of programming experience
WE VALUE
Experience in architecting enterprise class high-volume high-performance software products
Secure software development lifecycle (SSDLC) experience
Rich software development background
Certifications in Secure Software Lifecycle or Cloud Security demonstrating deep practical knowledge, such as CSSLP or CCSP
Azure, AWS or GCP Security or Solutions Architecture Certifications
Understanding of the challenges operating trusted infrastructure in public cloud environments, as well as on-premises.
Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project partners
Understanding of Agile software development practices
In-depth knowledge and understanding of OWASP Top 10 and CWE Top 25 with experience in assessment and providing remediation strategies
Experiences with DevOps (CI/CD) & SDLC
Master’s degree
Strong interpersonal skills with the ability to facilitate diverse groups, help negotiate priorities, and resolve conflicts among project partners
Additional InformationThese jobs might be a good fit