Security Architect
State Street
Summary:
The Security Architect is a leading technical contributor who maintains and enhances the software security program at Charles River Development. The security program encompasses vulnerability identification and tracking, assessment and scoring (via CVSS), vulnerability remediation management, software design review, code review and threat modeling.
The role requires comprehensive knowledge of security attack vectors from the operating system through the application and persistence layers, and of the related defensive controls for preventing, detecting, and mitigating attacks in both on-premises and public cloud scenarios.
The Security Architect will leverage security policies to help enhance procedures and best practices across the Charles River Development application stack. In addition, this role will work very closely with various teams and stakeholders to execute the security policies, procedures and best practices.
Responsibilities:
- Apply industry standard tools and techniques to conduct threat modeling exercises with engineering and operational teams throughout the development, design, and production stages.
- Assist in architecture and design reviews, provide security analysis, and provide remediation recommendations.
- Perform security code review. Be able to quickly identify common implementation pitfalls that lead to security vulnerabilities.
- Work with subject matter experts to develop vulnerability remediation action plans and drive implementation.
- Use security testing tools to verify security vulnerabilities and fixes.
- Monitor DevSecOps pipeline status and follow up on issues.
- Triage vulnerability findings through industry standard threat scoring practices (CVSS).
- Develop and apply security configuration, deployment best practices, and key security controls for deployment hardening.
- Lead or participate in security incident investigations and remediation actions.
- Deliver security awareness training to the development organization on a periodic basis.
- Keep apprised of new offensive threats and the defensive technologies to defeat or mitigate attacks.
- Monitor the software industry for vulnerabilities that could affect Charles River Development products.
Education:
- B.S. degree (or foreign education equivalent) in Computer Science, Engineering, Mathematics, Physics, or other technical course of study required. MS degree strongly preferred.
Qualifications/Experience:
- A minimum of 10+ years of progressively responsible experience as a software engineer, of which at least 5+ years focused on secure SDLC, is required.
- Demonstrated knowledge of common vulnerabilities and corresponding remediation approaches.
- Advanced technical knowledge of techniques, standards and state-of-the-art capabilities for identity management, authentication, authorization, Single-Sign-On, applied cryptography, and security vulnerability remediation.
- Strong working experience of security architecture assessment for web applications and services is required.
- Knowledge of Azure cloud and container security is preferred.
- Strong written and verbal communication skills.
- Strong analytical and problem-solving skills.
- CISSP certification is preferred.
Salary Range:
$110,000 - $185,000 Annual
The range quoted above applies to the role in the primary location specified. If the candidate would ultimately work outside of the primary location above, the applicable range could differ.