Senior Application Security Architect

Summary

Join GuidePoint Security, a leading cybersecurity firm, as an Application Security Engineer. You will play a crucial role in ensuring the security of our clients' applications by integrating security into the development process, conducting security assessments, and utilizing automation tools. This position requires a strong understanding of application security principles, experience with CI/CD pipelines, and familiarity with cloud infrastructure. You will have the opportunity to work with a team of experienced professionals and contribute to the growth of a rapidly expanding company.

Requirements

• Strong knowledge of application security architecture and software development, with a focus on automation, integrating security within the CI/CD pipeline, and DevOps toolchain
• Strong understanding of Application Security Verification Standard (ASVS), OWASP Top Ten, and other best practices
• Familiarity with attestation process
• Understanding of Integrated Development Environment (IDE) and Continuous Integration / Continuous Delivery (CI/CD) Pipeline tools and processes (e.g. Azure DevOps, Jenkins, Bamboo, etc.)
• Strong working knowledge of Secure Software Development Understanding of automated security testing approaches and tools
• Experience in building and operating security within CI/CD pipelines
• Experience with proactive integration of security into the development process
• Experience with public cloud infrastructure (AWS or Azure) and cloud security fundamentals including container-based technologies, infrastructure as code, Git-based source control repositories, pipelines, and common open source toolsets
• Experience in software engineering and software development, including Web applications and technologies
• Experience with automation templates to build security-as-code using terraform, ansible, salt, chef, etc
• Excellent written and verbal communication skills
• Bachelor’s degree in a relevant discipline or equivalent experience
• 8+ years of application security engineering/architecture experience

Responsibilities

• Develop and implement application security solutions to protect our clients' applications
• Conduct security assessments and analysis of applications
• Integrate security into the development process, including CI/CD pipelines
• Utilize automation tools and techniques to streamline security tasks
• Stay up-to-date on the latest security threats and vulnerabilities
• Collaborate with development teams to ensure secure coding practices
• Document security findings and recommendations

Preferred Qualifications

• Knowledge of secure coding practices and the ability to conduct security assessments and analysis
• Experience with application security scanning and testing tools (Checkmarx, Contrast, Veracode, Netsparker, and similar)
• Knowledge of threat modeling and risk assessment techniques
• AWS Certifications

Benefits

• Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
• Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family) and GPS will contribute in one lump sum: ($500 per EE annually / $1000 per family annually (includes spouse/children/family options)
• Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
• 12 corporate holidays and a Flexible Time Off (FTO) program
• Healthy mobile phone and home internet allowance
• Eligibility for retirement plan after 2 months at open enrollment
• Pet Benefit Option