Application Security Architect with SAS focusing on secure software development and compliance. Partnering with teams to enhance security posture across technologies and cloud environments.
Responsibilities
Work in active partnership with development teams to identify and build solutions for securing code and to implement application vulnerability scanning and penetration testing, contributing documentation, developer guidance and training, and repositories with examples of best practices in secure architecture, design, and operational patterns and practices.
Perform risk-based, prioritized, and periodic reviews of application architecture to identify security gaps and generally help improve the security posture of business-critical multi-tier applications in legacy, hybrid cloud, and public cloud environments.
Work cross-organizationally with engineering (security champions, architects, and developers) and operations to assist in the identification, risk assessment, and remediation of security issues, and with Product Management to ensure security implementations are consistent with business objectives and customer requirements, ensuring alignment to SAS security standards, policies, and procedures and other global regulatory requirements.
Assist in the creation of dashboards and on-demand reporting of a product division’s security posture and make recommendations for improvements aligning to Secure by Default and Zero Trust principles.
Identify, train, and partner with divisional Security Champions in place with product architecture and engineering teams.
Help champions assess and gauge risk to identify security gaps or seams in the products and integrated solutions.
Collaborate with other teams within security to identify new tools and processes to integrate into the Secure SDLC.
Recommend and promote software security policies, standards, and procedures that can improve the global security posture of the company.
Ensure all applicable security policies and processes are followed to support the organization's secure software development goals.
Requirements
Bachelor's degree with major study in technical disciplines such as Electrical Engineering or Computer Science.
5+ years of secure software development, secure system architecture and design, or related experience.
Demonstrated knowledge in securing enterprise web applications and the supporting systems and services, as detailed by OWASP Top 10 for Web, CVSS, CWE/CVE, etc., extending to the effective remediation of issues surfaced by relevant SAST and DAST scanners and tooling.
Demonstrated ability to provide guidance to development and hosting/operational teams on the effective remediation of issues surfaced by relevant SAST and DAST scanners and tooling, reported by customers, or findings from internal/external offensive security testing or compliance audits.
An equivalent combination of related education, training and experience may be considered in place of the above qualifications.
2+ years of experience in developing or adopting software security patterns and best practices.
Demonstrated knowledge of, and willingness to learn, security principles for Kubernetes, containers and micro-services, SaaS (public and private cloud deployments), ML, GenAI, and Agentic AI.
Experience with programming languages such as: Java, C/C++, C#, Rust, Python, JavaScript, PHP, Golang, etc.
Benefits
Comprehensive medical, prescription, dental and vision plans.
Medical plan options include: PPO with low annual deductible and copays.
HDHP combined with a health savings account with a contribution from SAS (no access to on-site health care center).
Onsite Health Care Center (HQ) that’s free to employees and family members enrolled in the PPO plan.
There's a pharmacy too! Not local to HQ? The pharmacy will ship prescriptions for no additional charge!
An industry-leading 401k plan.
Tuition Assistance Program and programs and resources to support your development.
Generous time away including vacation time, a variety of paid holidays, and our much-loved U.S. Winter Wellness Break between December 25 and January 1.
Volunteer Time Off, parental leave and unlimited paid sick days.
Generous childcare benefits for all full-time employees.
Cybersecurity Engineer ensuring the security of IT & OT systems at ArianeGroup. Collaborating with internal teams and overseeing compliance and protection measures.
Professional focused on Cloud Security solutions and DevSecOps at innovative tech consulting firm Leega. Implementing security for AWS services and integrating security analysis tools.
Fall-protection equipment installation technician supervising installation and safety. Take part in site visits, and prepare and manage the installation with another person.
IT Specialist ensuring smooth IT operations in a growing beauty company. Collaborate with external service providers and support internal teams with compliance and documentation.
Strategic leader focused on Cyber Security and Fraud analytics at Sun Life. Establishing centralized functions and driving proactive detection and response efforts.
Manager Infrastructure & Security driving IT infrastructure and security landscape for semiconductor firm. Collaborating with teams to build scalable systems and innovative security strategies.
Residential Security Agent managing physical security for clients in California and Nevada, ensuring compliance with safety protocols and quick response to emergencies.
Senior Cyber Security Consultant at HvS - Consulting focusing on ISMS development and team leadership. Engaging clients in ISO 27001 compliance and strategic cybersecurity improvements.