Plus
Включить Plus
Назад
Company hidden
обновлено 24 дня назад

Application Security Architect (SaaS)

Формат работы
remote (только USA)
Тип работы
fulltime
Грейд
middle
Английский
b2
Страна
US
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Application Security Architect (SaaS): Designing and assessing security solutions for software projects to ensure security is integrated from the start with an accent on secure SDLC and automation. Focus on performing SAST/DAST/SCA assessments, threat modeling, and guiding development teams toward effective remediation.

Location: Must be based in the USA (E-Verify employer)

Company

hirify.global is a global commerce platform helping businesses manage employee benefits, fleet mobilization, and payment streamlining.

What you will do

  • Design and assess security solutions in software projects to ensure security is built-in from the beginning.
  • Perform manual and automated secure code reviews using SAST, DAST, and SCA tools.
  • Conduct web and mobile application penetration testing.
  • Deliver actionable security guidance and remediation plans to project teams.
  • Participate in Secure Development Lifecycle (SDL) efforts, including threat modeling and architecture reviews.
  • Partner with security champions to scale security expertise and awareness across the development organization.

Requirements

  • 3-5+ years of progressive experience in software development (C#, Java, Go, or Python preferred).
  • 3+ years of experience in software or information security.
  • 2+ years of experience with application and container security tools (SAST, DAST, SCA, IaC scanning).
  • Deep familiarity with OWASP Top 10 and appropriate mitigation strategies.
  • Experience working with compliance frameworks such as PCI-DSS, HIPAA/HITRUST, SOX, or GDPR.
  • Must be eligible to work in the US.

Nice to have

  • Security certifications such as CEH, OSCP, GWAPT or cloud certifications.
  • Understanding of modern CI/CD approaches and tooling (Azure DevOps, GitHub Actions, Jenkins).
  • Experience designing and securing container technologies (Kubernetes, Docker, EKS, ECS, AKS).
  • 3+ years of experience with public cloud (IaaS, PaaS, FaaS, SaaS).

Culture & Benefits

  • Collaborative environment within a high-performing Global Product Security Team.
  • Focus on professional growth with opportunities to mentor other engineers and architects.
  • Comprehensive and market-competitive benefits supporting personal and professional well-being.
  • Inclusive workplace committed to diversity and equal opportunity.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →