Crown Equipment Corporation
Application Security Architect - Hybrid Remote
Crown Equipment Corporation, New Bremen, Ohio, United States, 45869
Responsibilities
Define security architecture standards and blueprints for web, mobile, cloud, and API-based applications. Review design documents and perform architecture risk assessments for new and existing applications. Collaborate with DevOps, Engineering, and Infrastructure teams to ensure architectures align with secure design principles. Integrate automated security testing/scanning tools (SAST, SCA) into CI/CD pipelines. Define and enforce secure coding standards and practices across development teams. Provide training and guidance to developers on secure development principles and vulnerability prevention. Conduct threat modeling and attack surface reviews for high-risk or critical applications. Identify potential security flaws and recommend mitigations early in the development process. Track and communicate technical risk to product managers, developers, and leadership teams. Develop and maintain application security policies, baselines, and architecture frameworks. Ensure application security practices align with regulations including GDPR and PCI-DSS. Support audit and compliance initiatives by providing documentation and evidence of secure development practices.
Minimum Qualifications
Bachelor’s degree in Information Technology, Cyber Security, Computer Science, or related field is required, along with 2-4 years related experience. Non-degree considered if 12+ years of related experience along with a high school diploma or GED.
Preferred Qualifications
5+ years in cybersecurity with at least 3 years in application security or secure software development experience. Secure Software Development Life Cycle (SDLC) in development. Deep knowledge of OWASP Top 10, NIST, and secure coding frameworks. Experience with Securing Secrets and Service Accounts. Experience with Web Application Firewall (WAF) implementation/support. Familiarity with Identity and Access Management and cloud security practices (AWS, Azure). CISSP or similar certification (e.g., CSWLP, CEH). Familiarity with container security (Docker, Kubernetes). Understanding of authentication protocols (OAuth and SAML). Experience with DevSecOps tools and container security tools.
Work Authorization
Crown will only employ those who are legally authorized to work in the United States. This is not a position for which sponsorship will be provided. Individuals with temporary visas or who need sponsorship for work authorization now or in the future are not eligible for hire.
No agency calls please.
Compensation and Benefits
Crown offers an excellent wage and benefits package for full-time employees including Health/Dental/Vision/Prescription Drug Plan, Flexible Benefits Plan, 401K Retirement Savings Plan, Life and Disability Benefits, Paid Parental Leave, Paid Holidays, Paid Vacation, Tuition Reimbursement, and more.
EOE Veterans/Disabilities
Job Details
Seniority level: Mid-Senior level Employment type: Full-time Job function: Information Technology, Other, and Design Industries: Banking, Retail, and Manufacturing
No referrals or sign-in prompts included in this description.
#J-18808-Ljbffr
Define security architecture standards and blueprints for web, mobile, cloud, and API-based applications. Review design documents and perform architecture risk assessments for new and existing applications. Collaborate with DevOps, Engineering, and Infrastructure teams to ensure architectures align with secure design principles. Integrate automated security testing/scanning tools (SAST, SCA) into CI/CD pipelines. Define and enforce secure coding standards and practices across development teams. Provide training and guidance to developers on secure development principles and vulnerability prevention. Conduct threat modeling and attack surface reviews for high-risk or critical applications. Identify potential security flaws and recommend mitigations early in the development process. Track and communicate technical risk to product managers, developers, and leadership teams. Develop and maintain application security policies, baselines, and architecture frameworks. Ensure application security practices align with regulations including GDPR and PCI-DSS. Support audit and compliance initiatives by providing documentation and evidence of secure development practices.
Minimum Qualifications
Bachelor’s degree in Information Technology, Cyber Security, Computer Science, or related field is required, along with 2-4 years related experience. Non-degree considered if 12+ years of related experience along with a high school diploma or GED.
Preferred Qualifications
5+ years in cybersecurity with at least 3 years in application security or secure software development experience. Secure Software Development Life Cycle (SDLC) in development. Deep knowledge of OWASP Top 10, NIST, and secure coding frameworks. Experience with Securing Secrets and Service Accounts. Experience with Web Application Firewall (WAF) implementation/support. Familiarity with Identity and Access Management and cloud security practices (AWS, Azure). CISSP or similar certification (e.g., CSWLP, CEH). Familiarity with container security (Docker, Kubernetes). Understanding of authentication protocols (OAuth and SAML). Experience with DevSecOps tools and container security tools.
Work Authorization
Crown will only employ those who are legally authorized to work in the United States. This is not a position for which sponsorship will be provided. Individuals with temporary visas or who need sponsorship for work authorization now or in the future are not eligible for hire.
No agency calls please.
Compensation and Benefits
Crown offers an excellent wage and benefits package for full-time employees including Health/Dental/Vision/Prescription Drug Plan, Flexible Benefits Plan, 401K Retirement Savings Plan, Life and Disability Benefits, Paid Parental Leave, Paid Holidays, Paid Vacation, Tuition Reimbursement, and more.
EOE Veterans/Disabilities
Job Details
Seniority level: Mid-Senior level Employment type: Full-time Job function: Information Technology, Other, and Design Industries: Banking, Retail, and Manufacturing
No referrals or sign-in prompts included in this description.
#J-18808-Ljbffr