- Join CDW and help protect delivery of full stack technology solutions and global services for 250K+ customers-including corporate enterprise, government, education, and healthcare industries. You will be on a team dedicated to collaborative delivery of a new global information security strategy, operating model, and bjectives to accelerate CDW's business goals in a secure way.
Your role at CDW is of the utmost importance to the company's mission, objectives, and reputation. As the Senior Application Security Lead/Architect, you will play a pivotal role in finding weaknesses in CDW's software technology stack to ensure identification and resolution ahead of adversary detection and exploitation. Your responsibilities include three parts:
Want more jobs like this?
Get Software Engineering jobs that are Remote delivered to your inbox every week.
Key Areas of Responsibilities
Vulnerability Research
-
Perform manual hands-on penetration testing and code reviews to identify security weaknesses across a wide variety of technology solutions, including on-premises applications and SaaS platforms.
-
Develop new tactics, techniques, and procedures to identify zero day vulnerabilities across CDW's critical crown jewel applications and platforms.
-
Create proof of concept code and demonstrations to communicate exposure and exploitation outcomes for various audiences.
-
Partner with information security coworkers to ensure appropriate logging and detections are in place to identify newly identified offensive security tactics and techniques.
-
Mentor junior security architects and penetration testers-ensuring alignment on methodology and tradecraft.
Architecture Advisory
- Participate in CDW's global Secure Software Development Life Cycle (S-SDLC) program-providing advisory on secure code and architecture patterns to ensure consistent, repeatable, and scalable security across common application, API, and platform use cases.
Responsible Disclosure
-
Produce detailed technical reports, public blog posts, and articles-boosting CDW's industry reputation while enhancing your brand.
-
Follow common practices to responsibly disclose zero day vulnerabilities impacting vendor products.
-
*Education and/or Experience Qualifications *
-
Bachelor's Degree
-
10 Years of experience Information Security
Required Qualifications
Who you are:
-
You thrive on making an impact-for your team, your company, and the industry
-
You are extremely hands-on with a passion for technology
-
You do not accept the status-quo, and always strive to improve
-
You are eager to learn and seek professional development continuously
-
You are resourceful, open-minded, analytical and enjoy solving complex problems
-
You are diligent and self-motivated
What we are looking for:
-
We value experience, skills, drive, aptitude, and attitude over university degrees and certifications
-
Demonstrated track record of vulnerability exploitation across various technology stacks
-
Ability to threat model to identify design flaws and security control gaps
-
Demonstrated experience in secure software engineering practices-including authentication, authorization, API, and application security