Please review the job details below.
The Senior Software Security Architect will be responsible for aligning standards, frameworks, and security with the overall business and technology strategy. This person will leverage their knowledge of system, software, and cyber security architecture principles to achieve both system performance requirements and cyber security goals. The ideal candidate will integrate phases of the SDLC and cybersecurity life-cycle to design and implement solutions that operate at the appropriate level of risk.
Primary Duties and Responsibilities
Architects, designs, and implements cyber security measures related to computer networks and software testing and validation procedures, programming and documentation (AWS Cloud Security, Application Security, Machine Learning, AI Sandboxing)
Performs application and data security reviews to confirm that new applications and changes to applications are compliant with Maxar's policies and standards, as well as to ensure that the right security controls are applied to applications to keep data secure
Provides technical expertise to the Cyber Security Operations Center (CSOC) during the full lifecycle of product evaluation, recommendation, testing, installation, rollout, and support
Develops API integrations and recommends configuration changes to improve the performance, usability, and value of cloud security tools
Applies secure development/coding to include; but not limited to, cloud technology, internet servers, application whitelisting, virtualized containers, web-enabled database applications, network security, security engineering, data integrity, intrusion detection, forensic and legal information security, virtual private networks, public key/infrastructure/digital signatures, encryption, network security architecture, and policy
Champions security by injecting security concerns into the existing development workflow; builds security thinking into every stage of software development
Coordinates with teams across the enterprise on the migration of existing enterprise services to the cloud; identifies security technical requirements, and potential problems and issues
Bachelor's degree in Information Security, Computer Science, or other related field, and 15 years experience as a security architect or developer in a large corporation OR Master's degree in Information Security, Computer Science, or other related field, and 12 years experience
Deep understanding of coding and scripting languages such as (e.g., Python, Java) and can easily adapt to other languages quickly and efficiently
Expert level in defining and implementing an SDLC
Expert level in working closely with development teams
Experience with Static and Dynamic Code Analysis tools
Experience in building security checks into the CI/CD pipeline
Knowledge of OWASP, SDLC, and security vulnerabilities
Experience with Oracle or SQL Server
Experience with Java, REST, SOAP, and JSON
Understanding of Agile software development principles along with experience participating in agile projects (SAFE Agile preferred)
Ability to take initiative and use skills to contribute to development of company objectives, policy, and principles, as well as to achieve goals in creative and effective ways
Ability and willingness to share on-call responsibilities, work non-standard hours, aid Cyber Security investigations, and travel (up to 15%) when required
United States Citizenship and
Ability to obtain and hold a US Government Security Clearance
Experience in leading an Application Security Program
Experience in a DevSecOps environment
Knowledge of and experience with manipulating protocols and libraries to compromise the security of a set of systems or code
Previous work as a developer for a large code base and collaboration with engineers and developers
Hands on experience in both using and securing Linux-based systems and containers
You've worked on open source projects before and are familiar with different styles of source control workflow and continuous integration and management (GitHub, Terraform, Ansible, RunDeck, etc).
MAXAR Technologies offers a generous compensation package including a competitive salary; choice of medical plan; dental, life, and disability insurance; a 401(K) plan with competitive company match; paid holidays and paid time off.
Maxar Technologies Ltd