Senior Application Security Architect

Summary

Join GuidePoint Security as a Security Engineer and contribute to a rapidly growing cybersecurity firm. You will leverage your expertise in application security architecture, software development, and automation to integrate security within CI/CD pipelines. This role requires a strong understanding of application security standards and best practices, experience with various tools and technologies, and excellent communication skills. GuidePoint offers a remote-first work environment, comprehensive health insurance options, paid time off, and other benefits. The ideal candidate will possess 3-5 years of experience in security engineering or software development and a bachelor's degree in a relevant field. This is an opportunity to advance your career with a leading cybersecurity company.

Requirements

• Possess a strong knowledge of application security architecture and software development, with a focus on automation
• Demonstrate a strong understanding of Application Security Verification Standard (ASVS), OWASP Top Ten, and other best practices
• Show familiarity with the attestation process
• Understand Integrated Development Environment (IDE) and Continuous Integration / Continuous Delivery (CI/CD) Pipeline tools and processes (e.g., Azure DevOps, Jenkins, Bamboo, etc.)
• Possess a strong working knowledge of Secure Software Development
• Understand automated security testing approaches and tools
• Have experience with public cloud infrastructure (AWS or Azure) and cloud security fundamentals including container-based technologies, infrastructure as code, Git-based source control repositories, pipelines, and common open source toolsets
• Have experience in software engineering and software development, including Web applications and technologies
• Possess excellent written and verbal communication skills
• Hold a Bachelor’s degree in a relevant discipline or equivalent experience
• Have 3-5 years of security engineering or software development experience

Responsibilities

• Integrate security within the CI/CD pipeline
• Build and operate security within CI/CD pipelines
• Proactively integrate security into the development process
• Build security-as-code using terraform, ansible, salt, chef, etc

Preferred Qualifications

• Possess knowledge of secure coding practices and the ability to conduct security assessments and analysis
• Have experience with application security scanning and testing tools (Checkmarx, Contrast, Veracode, Netsparker, and similar)
• Possess knowledge of threat modeling and risk assessment techniques
• Hold AWS Certifications

Benefits

• Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
• Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family) and GPS will contribute in one lump sum: ($500 per EE annually / $1000 per family annually (includes spouse/children/family options)
• Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
• 12 corporate holidays and a Flexible Time Off (FTO) program
• Healthy mobile phone and home internet allowance
• Eligibility for retirement plan after 2 months at open enrollment
• Pet Benefit Option