Security Architect Position Available In Mecklenburg, North Carolina
Tallo's Job Summary: We are hiring an Application Security Architect in NJ/Charlotte, NC for a C2C/W2 onsite position. Key responsibilities include assessing CI/CD pipelines, embedding security controls, and strategizing for pipeline modernization. Required skills include expertise in DevOps, cloud technologies, security frameworks, CI/CD tools, containerization, security practices, and compliance standards. Preferred qualifications include CISSP, CCSP, or equivalent certifications.
Job Description
Security Architect
Role:
Application Security Architect
Location:
NJ/Charlotte, NC// Onsite Position Type:
C2C/ W2 We are seeking a highly skilled and experienced Application Security Architect with strong DevSecOps expertise to assess the CI/CD pipelines and strategize on how to modernize pipelines and remove manual processes. This role is pivotal in embedding security controls and automation into every phase of the software development lifecycle (SDLC).
Key Responsibilities
Assess the architecture, controls, processes and deployments of secure CI/CD pipelines
Assess current integrations of security controls and automation in the development workflows
Collaborate with development, operations, and security teams to understand the security best practices and compliance standards
Review the adoption of secure coding practices and their effectiveness
Evaluate potential options for automating security checks, integrating security tools and controls, and ensuring security throughout the development lifecycle
Strategize and develop plans to modernize pipelines and remove manual processes
Required Skills & Qualifications
Proven hands-on experience in designing and securing DevOps pipelines and security engineering roles
Expertise in cloud technologies, automation tools, security controls, and a strong understanding of security frameworks and compliance standards
Proven experience working with development, operations, and security teams to integrate security practices into the development lifecycle
Strong understanding of CI/CD tools (e.g., Jenkins, GitLab CI, GitHub Actions, Azure DevOps).
Working knowledge in branching strategy and development lifecycle management.
Expertise in containerization and orchestration (e.g., Docker, Kubernetes).
Proficiency in infrastructure as code (IaC) tools (e.g., Terraform, Ansible, CloudFormation).
Deep knowledge of security tools and practices (e.g., SAST, DAST, SCA, secrets management).
Experience with cloud platforms (AWS, Azure, Google Cloud Platform) and their security services.
Strong understanding on secure development lifecycle framework, secure code practice and OWASP Top10 vulnerabilities and remediation.
Good knowledge of scripting skills (e.g., Python, Bash, PowerShell).
Familiarity with compliance frameworks (e.g., NIST, ISO 27001, SOC 2).
Preferred Qualifications
Certifications:
CISSP, CCSP, or equivalent. Azure, AWS or Google Cloud Platform certification (Security and Devops)
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
Report this job
Dice Id:
91131645
Position Id:
8647803
