Application Security Architect

Description

• Work to obtain the right mandate to ensure new Varonis products or services are launched with the appropriate security controls
• Provide security standards, requirements, and guidelines for securing the products.
• Take a part in the  development lifecycle and integration of security features into all phases of software design and development
• Assist with reviewing architecture and design for new products, features, and services.
• Identify and facilitate remediation of application and cloud security exposures and vulnerabilities, including code reviews.
• Conduct cloud security strategy, readiness, and discovery assessments; be familiar with cloud security frameworks, compliance requirements, and security operations
• Research new application security tools and technologies and evaluate options that enhance security capabilities
• Work closely with different interfaces in the company, mainly R&D and Product, to enhance application security on all layers

• 5+ years of experience in Application Security / Cloud Security within R&D
• Experience in Cloud technologies and SaaS environments
• Thorough understanding of cyber security frameworks, such as NIST CSF, CIS CSC
• Deep knowledge in web & application security, familiar with OWASP frameworks, solutions, and initiatives
• knowledge And experience in Cloud Native Application (K8s, AWS , Azure)
• Great verbal and written communication skills
• Coordinate, participate, and deliver risk assessments and threat modeling for given\new designs and architectures
• Technical experience in network security technologies or security operations with a proven ability to engage and drive product and engineering priorities
• Work with the business to identify, capture, escalate, and close security vulnerabilities found in Varonis products

• CISSP, CISM, CCSP, OSCP is an advantage
• knowledge in security solutions such as Web application firewalls, DB Firewalls, Vulnerability scanners, and RASP/DAST/SAST solutions
• knowledge of CI tools/methodologies
• Technical background as a SW developer, malware reverser, or penetration testing

• Partner with key product & solutions development leaders to ensure security is incorporated in all customer-facing product offerings.
• Build solid relationships with business stakeholders to maintain and improve product and application security processes.
• Partner with architecture and development leaders to develop shared software frameworks to enable consistent application of secure coding best practices across the enterprise.
• Research latest security best practices, staying current on new vulnerabilities and threats, and ensure these are addressed in Varonis’ products and services.