Security Engineer & Architect

About The Position

Requirements

• Educational Background: Bachelor's or master's degree in computer science, information systems, cybersecurity, or a related field, or comparable experience.
• Technical Expertise: Hands-on experience with application security, threat modeling, secure coding practices, and vulnerability management. Hands on practice with AI model development and securing the DevOps infrastructure.
• Regulatory Knowledge: Familiarity with regulations and frameworks such as HIPAA, GDPR, ISO 27001/2, and NIST CSF.
• Business Acumen: Strong strategic planning, communication, financial analysis, and project management skills.
• Adaptability: Thrive in a dynamic, environment and embrace change.
• Strategic Thinking: Develop solutions that align with organizational goals and strategies.
• Continuous Learning: Commit to personal and professional growth by acquiring new knowledge and skills.
• Collaboration: Work effectively with diverse teams and stakeholder.
• Authorization to work in the Employing Country: To be considered, you must have current and future work authorization in the country where you're applying, without the need for visa sponsorship by Strada.

Nice To Haves

• Certifications: CISSP, CSSLP, CISA, TOGAF, GAIC, or CISM preferred.

Responsibilities

• Strategic Vision: Help develop and maintain a comprehensive application security architecture for our products that aligns with our business goals and technology landscape.
• Innovative Solutions: Design and implement security solutions that leverage the latest technologies and best practices for application security.
• Risk Management: Translate business objectives and risk management strategies into actionable security processes for our products.
• Security Standards: Establish and enforce security configuration standards for application development, deployment, and maintenance.
• Data Protection: Develop standards for data encryption and tokenization to safeguard sensitive information within our products.
• Continuous Improvement: Stay ahead of emerging threats and technologies to ensure our product security posture remains robust and adaptive.
• Cloud Migration: Lead the full migration of our application stack from AWS and legacy data centers to Azure, ensuring a seamless transition and robust security posture for our applications in the new environment.
• Security Program Rebuild: Spearhead the rebuilding of our product security program to enhance our defenses and align with industry best practices.
• Architecture Program Development: Partner in the implementation of a comprehensive security architecture program that supports our strategic goals and operational needs for product security.
• Collaboration and Leadership: Drive application team leaders to accept and comply with the Application Security SDLC processes. Drive vision and future planning for AI model development and build controls and advanced AppSec practices.
• Cross-Functional Collaboration: Work closely with product managers, developers, and other stakeholders to integrate security into all aspects of our product lifecycle.
• Vendor Management: Assess and manage the security of third-party vendors and partners involved in product development.
• Knowledge Sharing: Liaise with other security professionals to share insights and best practices. A strong mix of communication and technical skills highly sought after.
• Business Continuity: Collaborate with the business continuity team to ensure security measures are in place during failovers and other critical events affecting our products.

Benefits

• At Strada, we support your whole self—offering a range of benefits for your health, wellbeing, finances, and future. These include health coverage, wellbeing programs, paid leave (vacation, sick, parental), retirement plans, learning opportunities, and more.