Lead Application Security Architect

• Join CDW and help protect delivery of full stack technology solutions and global services for 250K+ customers-including corporate enterprise, government, education, and healthcare industries. You will be on a team dedicated to collaborative delivery of a new global information security strategy, operating model, and bjectives to accelerate CDW's business goals in a secure way.

Your role at CDW is of the utmost importance to the company's mission, objectives, and reputation. As the Senior Application Security Lead/Architect, you will play a pivotal role in finding weaknesses in CDW's software technology stack to ensure identification and resolution ahead of adversary detection and exploitation. Your responsibilities include three parts:

Key Areas of Responsibilities
Vulnerability Research

• Perform manual hands-on penetration testing and code reviews to identify security weaknesses across a wide variety of technology solutions, including on-premises applications and SaaS platforms.

• Develop new tactics, techniques, and procedures to identify zero day vulnerabilities across CDW's critical crown jewel applications and platforms.

• Create proof of concept code and demonstrations to communicate exposure and exploitation outcomes for various audiences.

• Partner with information security coworkers to ensure appropriate logging and detections are in place to identify newly identified offensive security tactics and techniques.

• Mentor junior security architects and penetration testers-ensuring alignment on methodology and tradecraft.

Architecture Advisory

• Participate in CDW's global Secure Software Development Life Cycle (S-SDLC) program-providing advisory on secure code and architecture patterns to ensure consistent, repeatable, and scalable security across common application, API, and platform use cases.

Responsible Disclosure

• Produce detailed technical reports, public blog posts, and articles-boosting CDW's industry reputation while enhancing your brand.

• Follow common practices to responsibly disclose zero day vulnerabilities impacting vendor products.

• *Education and/or Experience Qualifications *

• Bachelor's Degree

• 10 Years of experience Information Security

Required Qualifications

Who you are:

• You thrive on making an impact-for your team, your company, and the industry

• You are extremely hands-on with a passion for technology

• You do not accept the status-quo, and always strive to improve

• You are eager to learn and seek professional development continuously

• You are resourceful, open-minded, analytical and enjoy solving complex problems

• You are diligent and self-motivated

What we are looking for:

• We value experience, skills, drive, aptitude, and attitude over university degrees and certifications

• Demonstrated track record of vulnerability exploitation across various technology stacks

• Ability to threat model to identify design flaws and security control gaps

• Demonstrated experience in secure software engineering practices-including authentication, authorization, API, and application security