Information Security Architect – Application Security

Job Description

 

Application Security Architect will join a team of security professionals to practice and advocate to improve the security of Cree’s corporate environment every day.  Ideal candidate will have strong foundational knowledge in all areas of Information Security, particularly a deep knowledge of application software development along with great analytical skills, ability to manage very complex and diverse systems.

This is a hands-on technical lead role, directly interacting with the application development teams and provide leadership to drive alignment on security requirements, influence decision makers, build relationships and communicate strategy and architecture internally.  Ideal candidate is someone who wants to take on challenges in the building a greater security team, who thrives under pressure with the challenges of integrating myriad cutting edge technologies, and who looking for opportunity to influence Cree’s overall security posture.

 

Functional Responsibilities

  • Work with the internal applications development team to drive the development of strategies and plans for improving both architecture and application security
  • Define set of required application security controls, associated standards, and training material for internally developed IT applications
  • Drive necessary improvements by collaborating across Information Security, IT and the business
  • Design and implement processes and tools for Integrating automated testing tools (Static Application Security Testing SAST, Dynamic Application Security Testing – DAST, and other)
  • Identify security design gaps in applications by conducting in-house testing and/or code review and recommend changes or mitigations
  • Participate in threat assessment and modeling to identify gaps and overlap in the security portfolio
  • Lead projects of different sizes and complexities
  • Staying abreast of changes in vendor landscape and providing guidance regarding cloud service offerings
  • Understand and provide strategic roadmaps for the adoption of emerging technologies including cloud, develops, cloud native architectures, data and cognitive, and AI-driven threat detection and security assessments
  • Develops performance metrics, trend statistical data and customized management reports on the state of application security
  • Take corrective action using the industry best practices for incident response as well as advises on remediation activities on security events escalated to Information Security
  • Research and maintain proficiency in tools, techniques, countermeasures, and trends in exploits and attack vectors
  • Act as a mentor to provide technical guidance to junior members of the team

Qualifications

  • Passion for information security and incident response
  • Proven success in working closely with software engineering teams to improve application security through tools, automation and awareness – 5+ years of relevant experience
  • Strong understanding of common vulnerabilities in web and mobile applications
  • Solid understanding of some of the following: Visual Basic, .NET, ASP, SQL, Java, Javascript, Powershell, python and HTML
  • Critical thinking and problem-solving skills
  • At least 5 years of experience in a software development environment
  • Ability to quickly learn new technologies and respond to changing requirements and environment
  • Ability to work independently and in a cross functional team
  • Ability to identify both tactical and strategic solutions to complex issues 
  • Focus: Able to communicate goals in support of the business' mission.
  • Drive: Self-motivated and able to work well under pressure. Proactive in identifying and proposing new solutions.
  • Teamwork: Demonstrated technical leadership, ability and desire to work cooperatively with others on a team. Develop, maintain, and strengthen partnerships that can provide information, assistance, and support.
  • Communication: The ability to ensure that information is passed on to others who should be kept informed. Express self clearly in conversations and interactions with others. Clear business and technical writing skills.
  • Analytical: The ability to tackle a problem by using a logical, systematic, sequential approach.
  • Technical Expertise: The ability to demonstrate depth of knowledge and skill in a technical area.
  • Forward Thinking: The ability to anticipate the implications and consequences of situations and take appropriate action to be prepared for possible contingencies.
  • Influencing Others: The ability to gain others' support for ideas, proposals, projects, and solutions.

 

This role may require additional duties and/or assignments as designated by management.

Company Overview

At Cree | Wolfspeed, we’ve spent more than 30 years developing industry firsts as a leader in wide bandgap semiconductor technology. Not familiar with all of our products? That is because we are a part of the invisible revolution; if we do our job right you will never know we were there. Our products make impossible possible like our LEDs that power cities to our Silicon Carbide (SiC) and Gallium Nitride (GaN) components that power electric vehicles, solar energy, telecommunications and industrial, military and aerospace solutions.

 

We believe in enabling the world to do more with less. That’s why we encourage each other to think unconventionally, take ownership and solve real problems. Interested in a career at Cree | Wolfspeed? We want to meet you. Submit your application now.

 

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, disability status, protected veteran status, or any other characteristic protected by law.


Back to top