Veeva

Posted 41 months ago

Open

Application Security Architect

United Kingdom - Oxford, Remote, Full-time

AI Summary

Senior security architect who leads application security for product engineering, cloud and enterprise projects; drives secure design reviews, threat modeling, and security program initiatives.

About this role

Veeva Systems is a mission-driven organization and pioneer in industry cloud, helping life sciences companies bring therapies to patients faster. As one of the fastest-growing SaaS companies in history, we surpassed $3B in revenue in our last fiscal year with extensive growth potential ahead.
At the heart of Veeva are our values: Do the Right Thing, Customer Success, Employee Success, and Speed. We're not just any public company – we made history in 2021 by becoming a public benefit corporation (PBC), legally bound to balancing the interests of customers, employees, society, and investors.
As a Work Anywhere company, we support your flexibility to work from home or in the office, so you can thrive in your ideal environment.
Join us in transforming the life sciences industry, committed to making a positive impact on its customers, employees, and communities.

The Role

As an Application Security Architect, you are a security expert and evangelist. You provide subject matter expertise and security guidance to product engineering teams and IT to design and build secure solutions, drive the implementation of security best practices, establish security architecture standards and patterns, and perform security architecture reviews.

You will partner with other security leads to grow the security program, mentor junior security team members, measure adherence, suggest and implement changes, develop roadmaps, present to steering committees and engineering teams, and promote security awareness company wide.

What You'll Do

  • Build strong relationships and effectively influence Veeva’s product and IT engineering
  • Translate security risks to business impact
  • Research, prioritize, coordinate, and communicate security solution recommendations
  • Provide security architecture advice in support of product application development, cloud infrastructure, and enterprise technology projects
  • Perform code analysis, application security reviews, and contribute to the application security training program
  • Stay current with security technologies and make usage recommendations
  • Maintain an expert knowledge level of Information Security and the related issues, systems, processes, products, and services.

Requirements

  • Excellent written and verbal communication
  • Ability to evangelize technical security needs to product leadership and engineers
  • Broad experience with information, system, and network security concepts and components
  • Demonstrated experience with architecture and security reviews, threat modeling applications and identifying areas of risk
  • Experience implementing strategies to support secure and compliant architectures
  • Deep understanding of the OWASP Top 10 application security risks and how to address them
  • Expert knowledge of Amazon AWS, Microsoft Azure or other cloud computing platform offerings and security related services
  • Experience with web application security scanning software and related assessment tools such as SAST/DAST/SCA
  • Working knowledge of encryption, hashing, secure random number generation, key derivation, key management, digital signatures
  • Understanding of internet-scale, distributed, multi-tenant architecture and services.
  • Knowledge of Java and the Java Ecosystem. Proficiency with Python, JavaScript and other scripting languages
  • BS in Computer Science or equivalent with 10+ years of experience

Nice to Have

  • Experience with assessing and providing recommendations for securing generative AI solutions
  • Working knowledge of the Microsoft Security Development Lifecycle (SDL), OWASP Software Assurance Maturity Model (SAMM), or Building Security in Maturity Model (BSIMM).
  • Familiar with compliance regulations like ISO, GDPR, SOC2, SOX
  • MS in Cyber Security, Information Security, MIS or equivalent
  • Industry security certifications such as CISSP or others
  • Experience in Application penetration testing, CTF competitions, CVE research and/or Bug Bounty recognition
  • Experience in Web and Mobile (Android/iOS) based application/service assessment

Skills

Bug Bounty Experience, CI/CD Security, CISSP Or Similar Certification, Cloud Security (AWS/Azure), Code Analysis, CVE Research, DAST, Encryption Key Management, Information Security Governance, Java, JavaScript, Mobile/web App Security Assessments, OWASP Top 10, Penetration Testing, PKI & Digital Signatures, Python, SAST, SCA, SDL/SAMM/BSIMM Familiarity, Secure Coding, Security Architecture, Threat Modeling, Web Application Security
