11 hours

Application Security Architect

Five9, Inc.
San Ramon, CA 94583

Application Security Architect


 


The Five9 Application Security Architect is based in San Ramon, CA. Using broad expertise, this role collaborates with our product development partners to ensure strategic alignment and security controls are in place to support our various business objectives. You will help define the product security architecture based on industry standards that support a highly dynamic, fast-paced, and diverse organization. We are a passionate team who has fun, enjoys a good laugh but above all else thinks security first.



Responsibilities:



  • Define and publish the overall application security strategy with consensus from operational and business partners.

  • Maintain documentation related to Application Security including the development of secure coding policies, procedures and standards, modification of the Software Development Process to include necessary security checkpoints, code review methodologies, etc.

  • Research, evaluate, and recommend security technologies that will be applied to technology solutions being developed or maintained internally or externally.

  • Lead design of information security solutions using industry standard methodologies, regulatory guidelines, and corporate policy..

  • Perform threat modeling, design reviews and code reviews as part of the development lifecycle.

  • Conduct security assessments for projects, hold security reviews against internal or external solutions that are in process of being crafted or maintained.

  • Identify and implement products and tools to ensure security of our applications, collaborating with engineering, operations, and IT to harden our environment.

  • Perform security code reviews, application vulnerability testing, and penetration testing, and train engineering team on best practices in application security



 


Requirements:



  • 7-10+ years of relevant experience as an information security application engineer

  • B.S. in Computer Science or equivalent experience

  • Knowledge of modern vulnerability threats including intelligence, discovery, mitigation, remediation and root cause.

  • Working experience and knowledge of data protection policies, standard methodologies, and products, privacy rules & regulations, data security, encryption, digital rights management, data loss prevention.

  • You are disciplined, with the ability to work alone or in teams, with minimal oversight, driving positive results in difficult circumstances while maintaining attention to detail.

  • Broad exposure to IT and public cloud regulatory compliance and audit frameworks including ISO, SOX, NIST, SSAE, and PCI.

  • Knowledge of Agile and Secure SDLC

  • You can maintain an exceptional level of documentation including diagrams, security standards, manuals, and project papers.

  • You have a proven ability to effectively engage and communicate as directed with a variety of audiences both technical and non-technical staff.

  • One or more Certifications (CISSP, GWEB, GPEN, GWAPT, OSWE, OSCE, OSCP) highly desirable

  • Scripting or code experience (Python, Shell, Java, json, Scrum, Jira, etc.)

  • Familiarity with network and web application protocols (HTTP, HTTPS, TCP/IP, SAML 2.0, OAuth 2.0, Rest APIs, etc.)

  • Knowledge or experience implementing SDLC frameworks like OpenSAMM and BSIMM

  • Database knowledge



 

)

Categories

Posted: 2018-12-10 Expires: 2019-01-09

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Application Security Architect

Five9, Inc.
San Ramon, CA 94583

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast