Application Security Architect
We are looking for someone with a strong application security architecture background to join our elite team of security professionals. The ideal candidate can discuss abstract concepts or lead meetings but not be afraid to deep dive in technical details (From whiteboard to JAVA code, from Microsoft World to the Sequence Diagrams). If you can navigate software diagrams, java source code, TSQL, .NET code or store procedures, – LET'S TALK!!!!
As a security architect in Ultimate Software, you will join a team of top talented engineers with the goal to secure our organization infrastructure, application and data. You will collaborate with developers, system administrators, architects, and other members of the security organization to build highly secure systems and applications to hold our customer data. You will own the security of new systems, applications, and environments from beginning/blueprints to deployment – getting all the support you need along the way. You will build relationships with both the development and architecture organizations - helping them to incorporate security controls in their day-to-day activities.
Ultimate is ranked #1 on FORTUNE's "Best Places to Work in Technology" for 2017 and #7 for "100 Best Places to Work For" in 2017. Ultimate is also ranked #5 on the inaugural list of "100 Best Workplaces for Millennials," #5 on Fortune's "50 Best Workplaces for Diversity," and #8 on Forbes magazine's 2016 list of "Most Innovative Growth Companies."
Primary Responsibilities: (other duties may be assigned)
- Self-lead/Takes initiate, Build relationships – be trusted as expert advisor for security related questions, lead meetings as needed.
- Threat Modeling, Risk Analysis, Design and/or Architecture Reviews – Understand and use threat model methodologies/Risk Analysis and or Architecture Review methods to be able to model application and understand Threats.
- Document necessary security controls/requirements that should be in place.
- Perform Source Code Review - Deep dive into the code to understand what is happening or validate if controls were implemented appropriately.
- Comfortable in designing technical solutions to mitigate or eliminate security vulnerabilities
- Comfortable to coordinate brainstorm activities to document threat scenarios
- Comfortable to review network architectures and operation system security settings
- 5 years of relevant work experience
- Authentication (Identity management, MFA/2FA)
- Applied Cryptography (PKI, Appropriate usage of Cryptographic Primitives, Digital Signatures, HASHing, HMACs)
- Authorization (claims, RBAC, fine grained, coarse grained, XACML, OAUTH, SAML)
- Web Services Security (WS-Security, Oauth, JWT)
- Coding Experience in one or more general language (.Net, Java, C/C++, Python)
- Ability to multi-task
- Comfortable working multiple projects simultaneously
- 10 years of relevant work experience
- Network Design Concepts (TCP/IP, Routing, Switching)
- Operation System Security
- Security DevOps: Automation, Static Code Analysis
- Bachelor's degree in Computer Science or a related technical field, or equivalent practical experience.
Travel Requirement: None
This job description has been written to include the general nature of work performed. It is not designed to contain a comprehensive detailed inventory of all duties, responsibilities and qualifications required of employees assigned to this job.
Meet Some of Ultimate Software's Employees
Team Lead, Time Clock Team
As Team Lead, Markese takes care of the time clock needs, whether it’s related to hardware, software, or networking, ensuring customers can utilize the time clock functions without disruption.
Back to top