Location: Boston, MA

Job ID: 5809


Capital TechSearch is hiring Software Security Architect - responsible for providing architectural and technical guidance to SaaS product security. In this role, you will design, plan, and implement secure coding practices and security testing methodology; ensure that practices meet software certification processes; drive the security testing of the products; and test and evaluate security-related tools.


Responsibilities:

  • Drive overall software security architecture, working closely with product specific technical architecture experts.
  • Provide technical leadership in the comprehensive planning, development, and execution of software security efforts.
  • Work closely with product and engineering development teams to ensure that products meet or exceed customer security and certification requirements. This includes ensuring that the security architecture is well documented and communicated.
  • Provide planning and input into the software engineering and product development process, related to security, sensitive to the constraints and needs of the business.
  • Monitor security technology trends and requirements, such as emerging standards, for new technology opportunities.
  • Liaise with corporate level security team to ensure conformity with any existing standards, technologies etc.
  • Develop and execute security plans. This may include managing across third-party vendors, and providing guidance (with other departments) to the engineering and testing practices.
  • Ensure, and create as needed, security policies, processes, practices, and operations to ensure reproducible development and high quality, while keeping costs under control.
  • Engage in hands-on, in-depth analysis, review, and design of the software, including technical review and analysis of source code with a security perspective. Will include reviews of in-house developed code, as well as review of technologies provided by third party vendors.
  • Provide primary technical role in the security certifications process, including preparing extensive documentation and working with third-party evaluations.
  • Provide training to staff, contractors, development, and quality assurance teams, and product/software security champions related to product security.
  • Guide software development teams through the Security Development Lifecycle (SDL) by participating in design reviews, threat modeling, and in-depth security penetration testing of code and systems. These responsibilities extend to providing input on application design, secure coding practices, log forensics, log design, and application code security.
  • Maintain all tools and platforms required for all phases of the SDL (currently includes WhiteSource and HPE Fortify)

Experience, Skills, & Qualifications:

  • Experience with Microservices & containerization technologies (e.g. Docker), node.js, Mongo DB, Angular, Linux.
  • Bachelors / Masters in Computer Science (ideally with a focus on Information Assurance / Cybersecurity)
  • Prefer candidates with recognized industry certifications (e.g. CISSP / CISM)


To be immediately and seriously considered for this exceptional opportunity please apply below. Your responses will be held in the strictest confidence.

Please call our office if you have any questions. Capital TechSearch, Inc. is an Equal Opportunity Employer.


Apply for this position

  • Accepted file types: doc, docx, pdf, txt.
    File types permitted: .DOC, .DOCX, .PDF, or .TXT
  • Accepted file types: docx, doc, pdf, txt, rtf.
    docx, doc, pdf, or txt files
  • Add any additional information in the notes that describes your value and fit for the position. Additional considerations may include your availability, compensation, and if you are not local to the position, your interest in relocating.

By clicking "Apply" you agree to receive new job updates, information and news from Capital TechSearch, Inc. You can always unsubscribe from our communications at any time.