Role: Security Architect

Location: Poland, Warsaw (or remote)

Responsibilities:

• Lead the implementation of proposed solutions while interfacing with the Project Managers to ensure the coordination, communication and successful delivery of projects

• Work as the lead to design, implement and govern the overall security architecture

• Lead the Identification, measurement, control and minimization of security risks to information systems across a broad range of disciplines including application and host security

• Aligning the secure development lifecycle to industry standards, including Microsoft SDL, OWASP development guides, and Privacy/PII related topics (privacy-by-design)

• Integrate/enable security engineering automation (e.g. SAST, IAST) in the delivery pipeline

• Lead threat modeling, design reviews and code reviews as part of the development lifecycle

• Design and deploy state-of-art technology to meet the business needs and interface with business units regarding technical planning and application security topics

Requirements:

• Proficiency in AppSec and Web services security

• Software development background (Java or .Net)

• Experience with the privacy requirements of a global corporation (e.g. GDPR, CCPA)

• Experience with PCI, PA-DSS, and other audits (e.g. SOX)

• Experience with various cloud providers (Azure/AWS)

Nice to have:

• Security certifications (e.g. CSSLP, CEH)

• Privacy training and certification (e.g. CIPT)

• Active participation in cybersecurity forums/conferences, e.g. DEFCON, Black Hat.

• Scanners (Netsparker, AppScan, WebInspect)

• Container experience (Docker, Kubernetes)