Role: DevSecOps Security Architect
Location: Chicago, IL - Onsite
Duration: Contract
Job Description:
As a Cloud application security engineer you will be responsible for driving divisions application security transformation into the cloud platforms. You will work with divisions to develop secure applications and software running on the cloud. You will help with secure design decisions, driving DevSecOps framework and governance and help guide other security engineers in this area. You will interface and lead in-depth technical security architecture discussion with Developers, Enterprise Security Architects, solution architects and potential external customers
The role is heavily security-focused and ingrained in the CI/CD pipeline automation to always deliver security principles and validation for Cloud solutions. With an emphasis on securing systems, applications, third-party connections, service providers and ancillary systems, business-to-business initiatives, third-party relationships, outsourced solutions, and vendors tasked with analyzing current security protocols to identify weaknesses or vulnerabilities that could be exploited by hackers.
In this role you will:
- Lead developers and testers in security activities during product lifecycle such as secure design reviews/threat modeling, security code reviews, security test planning, and security code hardening, to help identify potential vulnerabilities
- Supports driving security into continuous integration and continuous deployment (CI/CD) pipelines as part of integrated team member working with software developers, system engineers, cybersecurity engineers and systems administrators
- You will work collaboratively with peers and stakeholders across the enterprise on implementations and management including IT infrastructure, application development, security operations, security audit and end users
- You will be responsible for analyzing the security of applications and services, discovering, and addressing security issues, help building security automation, and quickly reacting to new threat scenarios
- Participate regularly in project and change management meetings
- Deliver projects on time, within budget and in accordance with service level agreements (SLAs)
Required (Basic) Qualifications:
- Bachelor’s in computer science, Cybersecurity, or comparable degree from an accredited institution.
- 5+ years hands on experience in cloud security application in Azure is required.
- 4+ years of experience in leading and deploying DevSecOps in Cloud applications
- Hands on experience in application and product security tooling and technology like SAST, DAST, SCA, API, container security, and cloud security posture management
Position Criteria:
- Ability to lead and manage diverse areas and large, complex projects.
- Ability to influence and work with various technical leads in different organizations.
- Excellent interpersonal and communication skills including the ability to explain technical concepts and present to business unit leaders and customers.
- Ability to foster collaboration across global development teams.
- Strong problem solving and reasoning ability, exhibiting technical innovation and creative solutions