Security Architect

·       8+ years of industry experience working with Application and Cloud security.

·       Lead application security reviews and threat modeling, including code review, DAST , SAST.

·       Experience (hands-on) with security tools integrated into our CI/CD and production environments such as SonarQube, Snyk, Veracode.

·       Familiar with CSPM products , WIZ, Palo Alto Prisma cloud.

·       Strong hands-on knowledge and experience with Kubernetes security and platform.

·       Skills related to Secure Software Development Lifecycle (SSDLC) Secure configuration management and secure SDLC methodologies.

·       Experience reviewing security aspects of software designs.

·       Familiarity with regulatory requirements and compliance standards (FedRAMP, NIST, ISO 27001, PCI , HIPAA, SOC2 ).

·       Cloud security risk assessment & Network security architecture.

 

·       Develop and promote security architectures to protect microservices, serverless, containers, application development and operations practices

·       Hands on experience architecting and securing Cloud Computing Platforms. ( AWS , GCP )

·       Familiarity and ability to explain common security flaws and ways to address them (e.g. OWASP Top 10)

·       Responsible for providing security guidance to other team members in their design, implementation and support of new cloud architecture and automation technologies.

·       Provide security reviews and threat modeling for difficult or highly complex applications or cloud archtecture.

·       Develop secure cloud architecture designs, considering best practices, regulatory requirements and business objectives.

·       Drive deep security architectural discussions in a collaborative manner to ensure cloud deployments are automated and successful.

·       Ensure compliance with information security practices and standards to reduce breaches, audit findings, regulatory liability, and legal exposure

·       Ensure appropriate enterprise security solutions are in place to mitigate identified risks, meet business objectives, and satisfy regulatory requirements by engaging with security specialists and other functional area architects.

·       Lead application security reviews and threat modeling, including code review and dynamic testing.

·       Develop automated security testing systems or centralized security libraries that enable developers to write secure code more easily

·       Drive initiatives which scale application security and holistically address multiple vulnerabilities.

·       Some development or scripting experience and skills ( Java \ python )

·       Strong experience working closely with developers

·       Author project plans for security initiatives

 

Uniphore is an equal opportunity employer committed to diversity in the workplace. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, disability, veteran status, and other protected characteristics.

 

For more information on how Uniphore uses AI to unify—and humanize—every enterprise experience, please visit www.uniphore.com.

All applicants - to review our privacy notice, please click here

Information regarding recruiting and phishing scams: 

Employment offers will always be made by a Uniphore hiring manager or Talent Acquisition team member with a @uniphore.com email address only. We will never text you about an employment opportunity, interviews or employment offers, and we do not make job offers after only one interview. Additionally, we will never ask you to provide funds for onboarding, supplies or anything else, nor we will ask you to submit your personal information (date of birth, passport details, banking information, social security number, etc.) as part of the interview process. If you are receiving an employment inquiry or employment offer from a non Uniphore.com email address, please assume it is spam. If you believe you have been a victim of a phishing or false employment scam, you may want to report this incidents to the FBI iC3, or visit the Department of Homeland Security’s Cyber Smart website to learn how to report such scam.