Application Security Architect
Rotary International · Evanston, IL · 2 wk ago
Information Technology$158k–$175k/yrFull-time
Position Overview
As an Application Security Architect, you will be responsible for implementing a security application program, including implementing application security tools, determining application training requirements, and working with the architecture review board to ensure security best practices are integrated into the software development lifecycle. Additionally, you will be responsible for the overall security architecture and assisting the Information Security Officer in implementing the overall security strategy.
Responsibilities
- Implement a security application program, including implementing application security tools
- Determine application training requirements
- Work with the architecture review board to ensure security best practices are integrated into the software development lifecycle
- Lead security architecture direction for solutions, influencing peers, cross-functional partners, and IT leadership
- Consult and lead the design of security best practices and implementation of solid security principles across the organization, meeting business goals and customer and regulatory requirements
- Review solution design for compliance to Information Security Standards
- Design, build, and implement enterprise-class security systems for cloud and on-prem production environments
- Ensure the organization implements a security architecture that enables Rotary to grow while keeping infrastructure and customer data secure
- Design, implement, and maintain application security architecture framework
- Review application architecture diagrams, data flow diagrams, and network diagrams and advise on non-compliance issues
- Perform and document threat modeling and reviews
- Supporting the security awareness program by providing documented examples and training sessions to developers and engineers
- Cook with application teams to implement application security monitoring
Qualifications
- Bachelor’s degree in computer science, Information Security, or a related field preferred
- Security related certifications preferred
- 5+ years of experience in IT and application architecture and security technologies
- Familiarity with security standards and frameworks such as NIST, CIS, GDPR, MITRE ATT&CK, etc.
- Experience with performing architecture reviews to steer projects in the right direction early, leading security reviews, and developing security ownership
- Experience with application scanning tools (i.e. Snyk, Rapid7, Checkmarx, SonarQube) implementation and integration with CI/CD pipeline
- Good understanding of Threat and Vulnerability Management, SIEM, EDR, DMARC, DKIM, DLP, and PKI
- Knowledge of cyber risk quantification methodologies
Benefits
- Generous medical, dental, and vision benefits package
- Progressive 401k matching contributions
- Above market and generous paid time off package
- Tuition reimbursement
- Professional development opportunities
- On-site cafeteria and coffee bar with special pricing for Rotary employees
- Flextime - several different work schedules to choose from
- Close to CTA, Metra, a variety of stores, and many food options