A

Architect, Application Security

AssuredPartners
Remote
United States

Overview

The Architect, Application Security is a technical expert in technical analysis and design of application security systems. You will ensure applications in the AP environment are secure and implemented with best security practices. You will provide technical guidance to business teams and organizations as needed in building, remediating, or integrating applications in our environment. Your primary focus will be identifying and mitigating potential security risks to ensure the integrity and confidentiality of our systems and data.

 

 

The Ideal Candidate

  • You are adept at managing complex competing priorities across business and regulatory frameworks.
  • You have experience building automated processes for AppSec.
  • You have a need to collaborate when helping people process through security best practices.
  • You have a deep understanding of application security and an ability to prioritize.

 

What You'll Do

  • Design, implement, and maintain robust security architectures for applications, ensuring they meet industry standards and best practices.
  • Develop, implement and operate threat modeling process, Static and Dynamic application security testing, application architecture review for existing and new applications.
  • Promote and enforce secure coding practices and ensure that security is integrated into the software development lifecycle (SDLC)
  • Actively participate in code reviews and provide security-focused feedback.
  • Foster effective partnerships with other teams (internal and external) to enhance the AssuredPartners’ overall security posture and minimize potential threats and to identify threats, vulnerabilities, and control improvements.
  • Conduct hands-on risk assessments and vulnerability analysis to identify potential security threats and weaknesses.
  • Develop and enforce security policies, procedures, and guidelines related to application security.
  • Stay updated on emerging security threats and technologies to proactively address potential risks.
  • Perform regular security audits and penetration testing to ensure the integrity of applications.
  • Lead incident response efforts in the event of a security breach.
  • Participate in and support delivery of security audits, threat modelling and assessments and remediation of findings.
  • Participate in development and continuous improvement of security processes, policies, standards and other governing documents and ensure compliance.
  • Other duties as assigned. 

What's in it For You?

To help you make the best decision for your personal growth, it’s important to us to share a glimpse of what we offer our top asset, our people:

 

  • Competitive base salary
  • Generous 30+ Days Comprehensive Paid Time Off Package inclusive of Paid Time Off, 10 Company Holidays, 2 Floating Holidays, 5 Sick Days, and 2 Volunteer Days
  • Health benefit options with you in mind; 5 affordable medical plan options with rates based on your salary, company paid HSA contribution with eligible HSA plan selection, 2 dental plan options offering orthodontia coverage and 3 cleanings per year, and 2 vision plan options.
  • Company match 401(k) plan – 50% up to 6%!
  • Support of your fitness wellness goals! We offer up to 75% off at over 11,000 gyms and fitness centers.
  • Opportunity to prioritize your mental health with 24/7 access to licensed therapists.
  • Pet benefits & discounts
  • Access to our Employee-led Resource Groups (ERGs) that lend a voice to the variety of demographics represented throughout AssuredPartners.

What You'll Need

  • Minimum of 10 years’ experience in application security
  • Strong knowledge of programming languages, web application architecture, and API security best practices
  • Proven experience in API and application security, including SAST and DAST.
  • Knowledge of Cloud Services on Azure, GCP or AWS
  • Knowledge of effective controls for Application Security, Cloud & Services Hosting, Identity and Access Management, Data Protection, Web Application firewalls etc.
  • Excellent oral/written presentation skills with ability to communicate effectively with senior executive leadership, proficiency in preparation of presentations, analytical reports, and documents regarding program operational status, achievement and performance.
  • Strong understanding of security standards and frameworks (e.g., OWASP, NIST, ISO 27001)
  • Relevant certifications such as CISSP, CSSLP, or CISM are highly desirable.

Grow, with us

AssuredPartners is committed to embracing diversity, equity and inclusion to create a workplace that welcomes and thrives on the unique experiences, perspectives and contributions of all team members. AssuredPartners is bringing the best people and most diverse talent forward to drive growth, innovate and think bigger!