Application Security Architect
Position Overview
As an Application Security Architect, you will be responsible for implementing a security application program, including implementing application security tools, determining application training requirements, and working with the architecture review board to ensure security best practices are integrated into the software development lifecycle. Additionally, you will be responsible for the overall security architecture and assisting the Information Security Officer in implementing the overall security strategy.
Responsibilities
- Implement a security application program, including implementing application security tools
- Determine application training requirements
- Work with the architecture review board to ensure security best practices are integrated into the software development lifecycle
- Lead security architecture direction for solutions
- Consult and lead the design of security best practices and implementation of solid security principles across the organization
- Review solution design for compliance to Information Security Standards
- Design, build, and implement enterprise-class security systems for cloud and on-prem production environments
- Ensure the organization implements a security architecture that enables Rotary to grow while keeping infrastructure and customer data secure
- Design, implement, and maintain application security architecture framework
- Review application architecture diagrams, data flow diagrams, and network diagrams and advise on non-compliance issues
- Perform and document threat modeling and reviews
- Supporting the security awareness program by providing documented examples and training sessions to developers and engineers
- Cook with application teams to implement application security monitoring
Qualifications
- Bachelor’s degree in computer science, Information Security, or a related field preferred
- Security related certifications preferred
- 5+ years of experience in IT and application architecture and security technologies
- Familiarity with security standards and frameworks such as NIST, CIS, GDPR, MITRE ATT&CK, etc.
- Experience with performing architecture reviews to steer projects in the right direction early, leading security reviews, and developing security ownership
- Experience with application scanning tools (i.e. Snyk, Rapid7, Checkmarx, SonarQube) implementation and integration with CI/CD pipeline
- Good understanding of Threat and Vulnerability Management, SIEM, EDR, DMARC, DKIM, DLP, and PKI
- Knowledge of cyber risk quantification methodologies
Skills
- Collaboration
- Communication
- Accountability
Benefits
- Generous medical, dental, and vision benefits package
- Progressive 401k matching contributions
- Above market and generous paid time off package
- Tuition reimbursement
- Professional development opportunities
- On-site cafeteria and coffee bar with special pricing for Rotary employees
- Flextime - several different work schedules to choose from
- Close to CTA, Metra, a variety of stores, and many food options
Pay
$157,500 - $175,000
Schedule
Hybrid - Fully Flexible
The specific days in the office are determined by managers based on business requirements. Rotary is under the jurisdiction of Illinois employment laws; we require all employees to live within reasonable daily commuting distance to Evanston.