Job title: Security Solution Architect
Location: Boston, MA
Summary
This position is a member of the IT Security team and reports directly to the Chief Security Officer.
Responsibilities
- Develop in-depth security architecture, design and coding standards across cloud, application and data security.
- Drive a standardized set of security requirements that align with internal/industry standard/regulatory requirements.
- Serve as the technical point of contact for development as it relates to automation, CI/CD and products being developed and deployed into the cloud.
- Define technical and functional security requirements covering areas of application and software design.
- Identification of application and API workflows to ensure enforcement of security architecture.
- Creation and coordination of application testing schedules organized by application and/or risk.
Qualifications
Bachelor’s degree in a relevant field, or an equivalent combination of education and work experience.
Knowledge in understanding various domains such as security architecture, system and network security, authentication and authorization protocols, cryptography, and application security.
Understanding of security by design principles, architecture level concepts, security frameworks (NIST and PCI), OWASP, etc.
Experience with various application security tools including SAST/DAST, penetration testing, etc.
Minimum of 6 years’ experience securing cloud infrastructure and cloud applications in AWS and Azure.
Knowledge of current and emerging security technologies, threats and techniques for exploiting security vulnerabilities in the code or application.
Experience in implementing and integrating security tools into CI/CD and analyzing threats of cloud and application components.
Experience in development and scripting languages (Java, Javascript/Typescript, Python, PHP).
Experience with securing API’s to external entities. Experience with Web Application Firewalls.
Experience in OWASP Top 10, CVE/CVSS research and/or bug bounty recognition.