Security Solutions Architect | DevSecOps/AppSec (Remote)

What You’ll Do:

• Lead presales engagements as the Application Security subject matter expert to Trace3 customers and sales teams nationally
• Work closely with our sales teams throughout the sales process to ensure all the client’s technical needs are understood and met with the best possible solution options
• Drive technical relationships with all stakeholders and support sales opportunities
• Present at client facing and industry events as the SME in application security
• Conduct research analysis and lab testing of application security solutions to evaluate efficacy, use cases coverage, and fit-for-purpose
• Build and maintain application security vendor partner relationships
• Contribute to the development of both customer facing and internal facing presales collaterals
• Contribute to the development of service offering collaterals and service delivery documentations that we can take to market with selected application security solutions
• Champion Agile and DevOps leading-practices, processes, design patterns, and tools in support of DevSecOps transformation
• Assist in services opportunity generation, technical scoping, and Statements of Work (SOW) writing
• Assist in the delivery of application security services
• Promote DevSecOps culture to our customers
• Drive adoption of application security tools and DevSecOps practices as part of customer’s transformation

Qualifications & Interests:

• At least 5 years of Development Experience in any programming language
• Minimum of 8 years of combined hands-on experience as a software engineer, DevOps engineer, and/or Application Security engineer
• Previous experience working as a Sales Engineer or Solutions Architect working with application security software products or services
• Ability to assess customer requirements, identify business problems, and demonstrate proposed solutions
• Programming and scripting proficiency – minimum of two: C#, Java, Typescript, Javascript, Bash, Python, Go
• Experience with various application security tools including SAST, SCA, IAST, DAST, API Security, WAF, and RASP
• Experience integrating and operating commercial application security solutions (SAST/SCA/DAST/IAST) such as Veracode, Checkmarx, Synopsys, WhiteSource, Snyk, Invicti – Accunetix or Netsparker, Contrast Security
• Prior experience working at an application security vendor – bonus points
• Experience building secure software based on frameworks such as OWASP SAMM, ASVS, MASVS, CWE, SANS, BSIMM.
• Experience in implementing and integrating security tools into CI/CD
• Experience with Agile methodologies such as Scrum and Kanban
• Knowledge of developer tools and environments, project management and bug tracking systems
• Understanding of cloud native development patterns and microservices architecture

BONUS QUALIFICATIONS:

• Experience with Mobile Application Security solutions and practices
• Experience with cloud security posture management and cloud workload protection platform solutions such as (Aqua Security, Palo Alto Prisma Cloud, Sysdig, Lacework, Orca Security, Wiz)
• Experience with Infrastructure as Code Security solutions such as Bridgecrew, Snyk, and Fugue
• Understanding of service-oriented architecture (REST APIs, micro-services, etc) and security best practices
• DevOps and Architecture experience and certifications with one of the major public cloud providers (AWS, Azure, Google Cloud)
• Experience with securing containers, kubernetes, and AWS Lambda functions
• Experience conducting secure coding training and implementing security champions program
• Experience conducting threat modeling and application penetration testing
• Prior consulting experience is a plus
• Must have excellent interpersonal skills, a high degree of professionalism and the ability to design technology solutions for commercial and large enterprise companies
• Excellent presentation, communication, and writing skills required

The Perks:

• Comprehensive medical, dental and vision plans for you and your dependents
• 401(k) Retirement Plan with Employer Match, 529 College Savings Plan, Health Savings Account, Life Insurance, and Long-Term Disability
• Competitive Compensation
• Training and development programs
• Stocked kitchen with snacks and beverages
• Collaborative and cool office culture
• Work-life balance and generous paid time off

***To all recruitment agencies: Trace3 does not accept unsolicited agency resumes/CVs. Please do not forward resumes/CVs to our careers email addresses, Trace3 employees or any other company location. Trace3 is not responsible for any fees related to unsolicited resumes/CVs.