Job Directory Principal Application Security Architect

Principal Application Security Architect
Framingham, MA

Companies like
are looking for tech talent like you.

On Hired, employers apply to you with up-front salaries.
Sign up to start matching for free.

About

Job Description

Description

POSITION SUMMARY:

This is not your typical Security Architecture role. Application Security Architects at Staples have a deep knowledge of application software development, including automated build and delivery techniques. They focus on the highest-profile mission-critical applications and engage across multiple product teams to provide security guidance throughout the requirements, design, and implementation phases of the development lifecycle. The role is a focal point of expertise in web application defense.

RESPONSIBILITIES SPECIFIC TO ROLE:

* Forge close partnerships with product teams to understand and mitigate application security risk and threats in critical software components
* Work with security industry experts designing application security assessments for internal applications involving static test automation and manual architecture, code, and Secure Development Lifecyle process review
* Assist in defining the set of required application security controls, associated standards, and training material for internally developed IT applications
* Lead product team implementations of application security controls and provide training and direction for team security champions
* Provide communication to leadership and product teams on the threat landscape, application security controls, and secure coding practices
* Specify application security testing requirements to be included within applicable testing frameworks

Qualifications

KNOWLEDGE/SKILL REQUIREMENT:

* Bachelor's Degree or related equivalent work experience
* BS degree or equivalent experience required
* Minimum 10 years of experience in Information Technology related fields
* 2+ years of experience in Security
* Strong development and architecture background
* Experience developing web/mobile applications using common web technologies (Java, Javascript)
* Expert in application security and secure coding practices
* Experience working with Agile development methodologies
* Ability to execute analytical problem decomposition and solution design
* Strong written and oral communication skills
* Ability to influence and educate application development teams, product management, and leadership

PREFERRED SKILLS:

* Familiarity with PCI, PII and other GRC concerns
* Industry training in web application defense, enterprise defense, and/or penetration testing
* Certification in the above a plus
* Experience with industry standard SAST/DAST security scanning tools such as IBM AppScan, Checkmarx, Veracode, Fortify, Rapid 7
* Experience with development frameworks and technologies such as Angular, node.js, C#, .net, Azure, Android and iOS development
* Demonstrated experience in assessing solution risk via design and code review
* Experience in deploying web application components in public cloud environments
* Familiarity with cloud technology, containers, and micro-service architecture
* OWASP membership and participation a plus

Staples is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or any other basis protected by federal, state, or local law.

Staples

Let your dream job find you.

Sign up to start matching with top companies. It’s fast and free.