Our Client has 18 years of experience of working with some of the world’s leading Finance, Insurance, Telecommunications, Media, Technology, and Retail companies. Through the Digital Evolution, Agile Transformation and Automation solutions, they help their clients be more engaging, responsive and efficient by supporting them from ideation to production.
Our Client has over 5,000 employees located in offices in North America and Western Europe and delivery centres in Romania, Moldova, Bulgaria, Serbia, Macedonia, Argentina, Uruguay, Venezuela, and Colombia. Along with investing in long-term customer relationships,
WHAT WE ARE LOOKING FOR
We are seeking a dynamic and highly experienced security architect with outstanding client-facing skills. As a senior architect, you will be taking an active technical leadership role on projects to deliver solutions to our clients, and also be involved in pre-sales efforts and in mentoring the company's technical staff.
Candidates will be evaluated on the basis of:
1. Hands on technical skills
2. Client-facing & sales skills
3. Breadth & length of experience
In this role you must be confident in engaging in a range of conversations with senior client management and technical staff, have the ability to lead discussions and workshops, and have the technical ability to both architect, design, and implement complex enterprise solutions.
Main duties:
- Application and Technology Architecture
- Drafts conceptual and actual application security policy
- Consults with and leads clients in evolving their application security and/or DevSecOps program
- Works with client teams to automate security design and/or testing
- Assists client development teams during product design with a focus on secure software architecture
- Assists client development teams to promote re-use of secure code templates/functions
- Advises client development teams during product development to assure compliance with security principles, guidelines, standards, controls, and governance
- Assists client development teams with a variety of security testing tools (unit testing, SAST, DAST, etc.) and with remediation of security related test findings
- Assists client development teams with defining/refining, documenting, and reporting various security related KPI’s throughout the development cycle
- Shares and articulates security vision with key stakeholders by organizing discussions and formal presentations
- Participates in working groups of subject matter experts for definition and review of security standards, guidelines, principles, governance, remediations, and controls
- Actively contributes to and participates in broadening the understanding of security and DevSecOps within the company
- Works closely with DevOps engineers to ensure a shared vision across Endava for DevSecOps
- Provides technical guidance to cross-functional application development teams
- Contributes to the technology strategy, vision, requirements, and solutions for client engagements
Application Design
- Consults with application development teams to determine security requirements and for planning and delivering business solutions
- Consults with application development teams to enable secure software design and underlying application infrastructure is properly secured
Process Management
- Assists in the development of estimates for security projects
- Contributes to defining time tables and project plans
- Assists in the definition of milestones and progress tracking
Skills Required:
Desirable:
- Prior development experience in 2+ programming languages
- Extensive experience in secure software design/architecture
- Experience with CI/CD pipelines
- Knowledge of container security and SOAR technologies
- In-depth knowledge of one or more cloud platforms (e.g. AWS, Azure)
- Experience automating security testing
- Experience with best practices related to securing a development pipeline
- Exposure to Veracode (SAST & DAST) and 3 rd party component scanners
Essential:
- 6+ years of experience in application security
- Exceptional client-facing communications skills, both written and verbal
- Expertise with various security and development tools commonly used during the development cycle (e.g. Docker, Jenkins, Puppet, Ansible, Nessus, Veracode, Cucumber, etc.)
- Very strong analytical skills
- Experience in pre-sales efforts and running client engagements from a technical perspective
- Experience in the security issues with modernizing legacy software architectures and designing new software
- Proficiency in creating a broad range of security and other technical documentation
- Ability to conduct manual code reviews, looking for security flaws
- Possess a thorough understanding of the software implementation lifecycle, specifically how security fits into an agile and/or DevSecOps delivery model
- Bachelor’s Degree in a technical discipline or related experience preferred
- Possesses a working knowledge of programming languages, software design methodologies, and software architecture
- Experience in developing patches and/or remediating pre-release flaws
- Thorough understanding of DevSecOps culture, practices, and tools
Offer and Benefits:
- Opportunity to work in a Global Organization
- Career Development opportunities
- Work/Life benefits
- Travel opportunities
- Competitive salary package
- Training opportunities
- Robust benefits package which includes options for:
Health Care Insurance, Dental Insurance o Vision Insurance o Short / Long Term Disability o 401(k) with company match o Flexible Spending Accounts (Medical, Transit, and Dependent Care) o Paid Life Insurance and AD&D Coverage o Wellness Benefits