Principal Application Security Architect
Function: Technology
Location: Westminster, CO, US
Date posted: 6/7/2019 12:09:08 PM
Type: Full-time
Permanent / Contract: Regular
Job number: 1090657
Potential Referral Bonus:
Description
POSITION SUMMARY:
This is not your typical Security Architecture role. Application Security Architects at Staples have a deep knowledge of application software development, including automated build and delivery techniques. They focus on the highest-profile mission-critical applications and engage across multiple product teams to provide security guidance throughout the requirements, design, and implementation phases of the development lifecycle. The role is a focal point of expertise in web application defense.
RESPONSIBILITIES SPECIFIC TO ROLE:
- Forge close partnerships with product teams to understand and mitigate application security risk and threats in critical software components
- Work with security industry experts designing application security assessments for internal applications involving static test automation and manual architecture, code, and Secure Development Lifecycle process review
- Assist in defining the set of required application security controls, associated standards, and training material for internally developed IT applications
- Lead product team implementations of application security controls and provide training and direction for team security champions
- Provide communication to leadership and product teams on the threat landscape, application security controls, and secure coding practices
- Specify application security testing requirements to be included within applicable testing frameworks
Qualifications
KNOWLEDGE/SKILL REQUIREMENT:
- Bachelor’s Degree or related equivalent work experience
- BS degree or equivalent experience required
- Minimum 10 years of experience in Information Technology related fields
- 2+ years of experience in Security
- Strong development and architecture background
- Experience developing web/mobile applications using common web technologies (Java, JavaScript)
- Expert in application security and secure coding practices
- Experience working with Agile development methodologies
- Ability to execute analytical problem decomposition and solution design
- Strong written and oral communication skills
- Ability to influence and educate application development teams, product management, and leadership
PREFERRED SKILLS:
- Familiarity with PCI, PII and other GRC concerns
- Industry training in web application defense, enterprise defense, and/or penetration testing
- Certification in the above a plus
- Experience with industry standard SAST/DAST security scanning tools such as IBM AppScan, Checkmarx, Veracode, Fortify, Rapid7
- Experience with development frameworks and technologies such as Angular, Node.js, C#, .NET, Azure, Android and iOS development
- Demonstrated experience in assessing solution risk via design and code review
- Experience in deploying web application components in public cloud environments
- Familiarity with cloud technology, containers, and micro-service architecture
- OWASP membership and participation a plus
Staples is The Worklife Fulfillment Company, helping businesses of all sizes be more productive, connected and inspired. With dedicated account teams, category professionals, innovative brands and a curated product assortment for business, Staples provides customized solutions to help organizations achieve their goals. Interested in joining the team? Check out our perks and benefits!
Staples is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or any other basis protected by federal, state, or local law.