• Help design, build and continuously improve the clients online platform.
  
• Research, suggest and implement new technology solutions following best practices/standards.
  
• Take responsibility for the resiliency and availability of different products.
  
• Be a productive member of the team.
  
  
  
  

Requirements

Core Competencies:

• Strong grasp of the NIST security framework and associated controls, with the ability to lead architecture-level security discussions with product teams.
  
• In-depth understanding of tiered architectures in both web and mobile applications, including components such as web servers, database servers, firewalls, and network structures like VNETs or VPCs.
  
• Experience with container security practices and tooling.
  
• Familiarity with industry-standard tools for Static Application Security Testing (SAST) and Software Composition Analysis (SCA)—e.g., GitHub Advanced
  

Security (GHAS).

• Hands-on experience with Microsoft Azure, including securing both managed and unmanaged services in the cloud; Azure certifications are a plus.
  
• Solid understanding of threat modeling methodologies and the ability to identify vulnerabilities across various interfaces in web applications, enterprise/cloud environments, and mobile app architectures.
  
• Deep knowledge of the OWASP Top 10 application security risks and their mitigation strategies.
  
• Possession of CISSP or CISM certification is highly desirable and considered a differentiator.
  

Key Skills:

• Security Architecture
  
• Threat Modeling
  
• Cloud Security
  

Benefits

• A challenging, innovating environment.
  
• Opportunities for learning where needed.