Application Security Architect

The Application Security Architect will work closely with all Zoominfo development teams to build and govern security from day one to production and follow best practices. A solid development background that evolved to be a security expert. The ability to keep up to date on all new security challenges and work with our teams to develop protection mechanisms.

Perform application security assessments including architecture design reviews and threat modeling. Assist and enable R&D teams to adopt secure development practices. Provide secure software guidance and act as a business enabler to cross-functional teams including product, engineering, and services.

What You Can Expect From The Role-

Design, build and implement best-in-class application security solutions

Lead and promote security audits, vulnerability assessments and code reviews

Build software security guidance including training material, best practices, secure coding checklists, reusable code, etc. validate on-going compliance of policies and procedures in support of regulations

Raise overall security awareness for S-SDLC, define training road map required based on needs

Work with different entities in the company to ensure S-SDLC compliance with company rules and industry standards

Review security issues identified in products to review and analyze severity and risk

Skills & Experience

2+ years of security architectural experience, conducting threat modeling and design reviews of complex products

3+ years of experience in the development of SaaS applications

In-depth knowledge of security architectural consideration from End to End security perspective

Expertise in building and implementing security policies, becoming a single point of contact of security in all S-SDLC tasks, challenges and requirements

Understanding of the OWASP Top 10 application security risks and how to address them

Knowledge with cloud native infrastructure architecture (containers, Kubernetes) - a must

Solid knowledge of Cloud Security Architecture (AWS, GCP) – a must

Knowledge of microservice architecture, web technologies, and APIs

Great Communication skills – ability to communicate and present for a Developer to a Manager or Director level