Looking for an experienced Application Security Engineer/Architect to join a high-performing AppSec team within a leading FinTech company. Security is a top priority for them as a company, as nearly every system they operate interacts with sensitive data.
The team is focused on building security through its partnership with engineering on primarily emerging technologies. Among other things thisteam is also responsible for providing requirements, design-time guidance and calibrating others to the company's risk tolerance.
Responsibilities:
- Build security roadmaps for teams and work with engineering teams to design secure solutions
- Lead threat modeling discussions related to web applications and enable engineering teams to balance competing interests
- Lead security initiatives and be the Security SME
- Scale application security effort by empowering engineering teams with guidance, patterns and training
- Re-establishment of champions program as well as development and implementation of training to build security experience within engineering teams
Background:
- Breadth of applied knowledge within Application Security, specifically in the areas of Threat Modeling and Security Review
- Deep secure development lifecycle experience, specifically to a large distributed application
- Experience designing & securing large scale web applications
- Proven influence and impact for improving architecture security
- Excellent communication skills, including developing and evangelizing written and technical or architectural documentation on an organizational level
- Ability to understand code related to the mitigations of threats
- Low ego and high degree of empathy
- You think about web security as a software architect and know how to position a growing AppSec practice within a faster growing company
