WE WANT YOU.

Learn more about this opportunity.

APPLY NOW    

Principal Application Security Architect

Function: Technology
Location: Westminster CO, Westminster, CO US
Date posted: 6/7/2019 12:09:08 PM
Type: Full-time
Permanent / Contract: Regular
Job number: 1090657
Description
POSITION SUMMARY:

This is not your typical Security Architecture role. Application Security Architects at Staples have a deep knowledge of application software development, including automated build and delivery techniques. They focus on the highest-profile mission-critical applications and engage across multiple product teams to provide security guidance throughout the requirements, design, and implementation phases of the development lifecycle. The role is a focal point of expertise in web application defense.

 

RESPONSIBILITIES SPECIFIC TO ROLE:

  • Forge close partnerships with product teams to understand and mitigate application security risk and threats in critical software components
  • Work with security industry experts designing application security assessments for internal applications involving static test automation and manual architecture, code, and Secure Development Lifecyle process review
  • Assist in defining the set of required application security controls, associated standards, and training material for internally developed IT applications
  • Lead product team implementations of application security controls and provide training and direction for team security champions
  • Provide communication to leadership and product teams on the threat landscape, application security controls, and secure coding practices
  • Specify application security testing requirements to be included within applicable testing frameworks

Qualifications

KNOWLEDGE/SKILL REQUIREMENT:

  • Bachelor’s Degree or related equivalent work experience
  • BS degree or equivalent experience required
  • Minimum 10 years of experience in Information Technology related fields
  • 2+ years of experience in Security
  • Strong development and architecture background
  • Experience developing web/mobile applications using common web technologies (Java, Javascript)
  • Expert in application security and secure coding practices
  • Experience working with Agile development methodologies
  • Ability to execute analytical problem decomposition and solution design
  • Strong written and oral communication skills
  • Ability to influence and educate application development teams, product management, and leadership
 
PREFERRED SKILLS:
  • Familiarity with PCI, PII and other GRC concerns
  • Industry training in web application defense, enterprise defense, and/or penetration testing
  • Certification in the above a plus
  • Experience with industry standard SAST/DAST security scanning tools such as IBM AppScan, Checkmarx, Veracode, Fortify, Rapid 7
  • Experience with development frameworks and technologies such as Angular, node.js, C#, .net, Azure, Android and iOS development
  • Demonstrated experience in assessing solution risk via design and code review
  • Experience in deploying web application components in public cloud environments
  • Familiarity with cloud technology, containers, and micro-service architecture
  • OWASP membership and participation a plus



Staples is The Worklife Fulfillment Company, helping businesses of all sizes be more productive, connected and inspired. With dedicated account teams, category professionals, innovative brands and a curated product assortment for business, Staples provides customized solutions to help organizations achieve their goals. Interested in joining the team? Check out our perks and benefits!

Staples is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or any other basis protected by federal, state, or local law.

Staples
APPLY NOW    

There's more to explore