Application Security Architect
At ZoomInfo, we encourage creativity, value innovation, demand teamwork, expect accountability and cherish results. We value your take charge, take initiative, get stuff done attitude and will help you unlock your growth potential. One great choice can change everything. Thrive with us at ZoomInfo.
The Product Security Engineer will work closely with all Zoominfo development teams to build and govern security from day one to production and follow best practices. A solid development background that evolved to be a security expert. The ability to keep up to date on all new security challenges and work with our teams to develop protection mechanisms.
Perform application security assessments including architecture design reviews and threat modeling. Assist and enable R&D teams to adopt secure development practices. Provide secure software guidance and act as a business enabler to cross-functional teams including product, engineering, and services.
What You Can Expect from the Role-
- Design, build and implement best-in-class application security solutions.
- Lead and promote security audits, vulnerability assessments and code reviews.
- Build software security guidance including training material, best practices, secure coding checklists, reusable code, etc. validate on-going compliance of policies and procedures in support of regulations.
- Raise overall security awareness for S-SDLC, define training road map required based on needs.
- Work with different entities in the company to ensure S-SDLC compliance with company rules and industry standards.
- Review security issues identified in products to review and analyze severity and risk.
Skills & Experience
- 2+ years of security architectural experience, conducting threat modeling and design reviews of complex products.
- 3+ years of experience in the development of SaaS applications.
- In-depth knowledge of security architectural consideration from End to End security perspective.
- Expertise in building and implementing security policies, becoming a single point of contact of security in all S-SDLC tasks, challenges and requirements.
- Understanding of the OWASP Top 10 application security risks and how to address them.
- Knowledge with cloud native infrastructure architecture (containers, Kubernetes) - a must.
- Solid knowledge of Cloud Security Architecture (AWS, GCP) – a must.
- Knowledge of microservice architecture, web technologies, and APIs
- Great Communication skills – ability to communicate and present for a Developer to a Manager or Director level.
ZoomInfo (NASDAQ: ZI) is the trusted go-to-market platform for businesses to find, acquire, and grow their customers. It delivers accurate, real-time data, insights, and technology to more than 35,000 companies worldwide. Businesses use ZoomInfo to increase efficiency, consolidate technology stacks, and align their sales and marketing teams — all in one platform.
ZoomInfo may use a software-based assessment as part of the recruitment process. More information about this tool, including the results of the most recent bias audit, is available here.
ZoomInfo is proud to be an Equal Opportunity employer. We are committed to equal employment opportunities for applicants and employees regardless of sex, race, age, color, national origin, sexual orientation, gender identity, marital status, disability status, religion, protected military or veteran status, medical condition, or any other characteristic or status protected by applicable law. At ZoomInfo, we also consider qualified candidates with criminal histories, consistent with legal requirements.