JOIN COMSEC FAMILY
All of our offices are in central locations, and include subsidized
lunches, stocked kitchens, PlayStations, events and activities!
If you want to be a part of our professional team,
join our family and become a part of our global
success!
Cyber Security Architect/Code Reviewer
About The Position
As an Application Security Architect, you will be an important part of a team that helps customers secure their systems and applications. You will work closely with R&D teams to identify security flaws, conduct security reviews, recommend mitigations, and determine risk levels.
What You'll Be Doing:
- Perform threat modeling, reviewing design and architecture, and taking steps to address any discovered security vulnerabilities.
- Work closely with Product, R&D and DevOps teams to define high-level and detailed security requirements for various features.
- Review code with R&D teams to identify potential security vulnerabilities, both manually and through automated means.
- Perform reviews & write professional reports with explanations about findings and mitigations.
- Provide guidance and recommendations on secure development (SSDLC).
Requirements
- 2+ years of hands-on experience in application security, with a deep understanding of the Secure Software Development Life Cycle (SDLC) process.
- Solid understanding of application security vulnerabilities (e.g. OWASP and the OWASP top 10, NIST, SANS, etc.) and countermeasures to reduce related risks.
- 2+ years of prior programming experience.
- Experience performing application architecture reviews, design reviews, and threat modeling.
- Experience reviewing application code to identify security vulnerabilities.
- Good knowledge of secure coding best practices and the ability to guide R&D teams on writing secure code.
- Strong English verbal, reading, and writing skills for clear communication with technical and non-technical audiences.
- Ability to work in a dynamic environment with tight timelines.
- A confident and enthusiastic team player with excellent people skills and the ability to work independently when needed.
Bonus Qualifications:
- Security certifications like CEH, OSCP.
- Practical experience implementing a Secure Software Development Life Cycle (SDLC).
Apply for this position
WHY Comsec
Join our family and become a part
of our global success
?
Therefore, we invest time in the recruitment and selection process in order to locate talented and skilled individuals.