Application Security Solutions Architect | Solutioning/Research/Implementation (Remote) Details

Application Security Solutions Architect | Solutioning/Research/Implementation (Remote)

Trace3 - New York, NY

Employment Type : Full-Time

Who is Trace3?

Trace3 is a leading Transformative IT Authority, providing unique technology solutions and consulting services to our clients. Equipped with elite engineering and dynamic innovation, we empower IT executives and their organizations to achieve competitive advantage through a process of Integrate, Automate, Innovate.

Our culture at Trace3 embodies the spirit of a startup with the advantage of a scalable business. Employees can grow their career and have fun while doing it!

Trace3 is headquartered in Irvine, California. We employ more than 1000 people all over the United States. Our major field office locations include Atlanta, Denver, Detroit, Indianapolis, Grand Rapids, Lexington, Los Angeles, Louisville, San Diego, San Francisco, and Scottsdale.

Ready to discover the possibilities that live in technology?

Come Join Us!

Street-Smart - Thriving in Dynamic Times

We are flexible and resilient in a fast-changing environment. We continuously innovate and drive constructive change while keeping a focus on the "big picture." We exercise sound business judgment in making high-quality decisions in a timely and cost-effective manner. We are highly creative and can dig deep within ourselves to find positive solutions to different problems.

Juice - The "Stuff" it takes to be a Needle Mover

We get things done and drive results. We lead without a title, empowering others through a can-do attitude. We look forward to the goal, mentally mapping out every checkpoint on the pathway to success, and visualizing what the final destination looks and feels like.

Teamwork - Humble, Hungry and Smart

We are humble individuals who understand how our job impacts the company's mission. We treat others with respect, admit mistakes, give credit where it's due and demonstrate transparency. We "bring the weather" by exhibiting positive leadership and solution-focused thinking. We hug people in their trials, struggles, and failures – not just their success. We appreciate the individuality of the people around us.

About the Role:

Trace3 is looking for an experienced Application Security Professional to join our fast-growing DevSecOps consulting practice to help our customers in evaluating and implementing application security solutions. This is a hybrid role where you will be spending some of your time in a presales capacity as the hands on solutions expert to support our sales teams to prospect, influence, architect, and scope application security solutions to our customers. You will help develop application security sales and technical training collaterals for customers and our internal sales teams. You will conduct research and market analysis of leading application security solution platforms as well as lab testing them to validate coverage and evaluate efficacy. You will also assist our sales teams to understand client's business goals and technical requirements to rationalize the appropriate application security solutions for their use cases.

You will also spend time being responsible for delivering application security services and advise our customers on secure software development. This includes planning and leading the implementation and adoption of application security platform solutions, reviewing customer software architecture and source code, provide training for developers and management, and drive solutions adoption across multiple development teams.

What You'll Do:

• Lead presales engagements as the Application Security subject matter expert to Trace3 customers and sales teams nationally
• Work closely with our sales teams throughout the sales process to ensure all the client's technical needs are understood and met with the best possible solution options
• Drive technical relationships with all stakeholders and support sales opportunities
• Present at client facing and industry events as the SME in application security
• Conduct research analysis and lab testing of application security solutions to evaluate efficacy, use cases coverage, and fit-for-purpose
• Build and maintain application security vendor partner relationships
• Contribute to the development of both customer facing and internal facing presales collaterals
• Contribute to the development of service offering collaterals and service delivery documentations that we can take to market with selected application security solutions
• Champion Agile and DevOps leading-practices, processes, design patterns, and tools in support of DevSecOps transformation
• Assist in services opportunity generation, technical scoping, and Statements of Work (SOW) writing
• Assist in the delivery of application security services
• Promote DevSecOps culture to our customers
• Drive adoption of application security tools and DevSecOps practices as part of customer's transformation

Qualifications & Interests:

• At least 5 years of Development Experience in any programming language
• Minimum of 8 years of combined hands-on experience as a software engineer, DevOps engineer, and/or Application Security engineer
• Previous experience working as a Sales Engineer or Solutions Architect working with application security software products or services
• Ability to assess customer requirements, identify business problems, and demonstrate proposed solutions
• Programming and scripting proficiency – minimum of two: C#, Java, Typescript, Javascript, Bash, Python, Go
• Experience with various application security tools including SAST, SCA, IAST, DAST, API Security, WAF, and RASP
• Experience integrating and operating commercial application security solutions (SAST/SCA/DAST/IAST) such as Veracode, Checkmarx, Synopsys, WhiteSource, Snyk, Invicti – Accunetix or Netsparker, Contrast Security
• Prior experience working at an application security vendor – bonus points
• Experience building secure software based on frameworks such as OWASP SAMM, ASVS, MASVS, CWE, SANS, BSIMM.
• Experience in implementing and integrating security tools into CI/CD
• Experience with Agile methodologies such as Scrum and Kanban
• Knowledge of developer tools and environments, project management and bug tracking systems
• Understanding of cloud native development patterns and microservices architecture

BONUS QUALIFICATIONS:

• Experience with Mobile Application Security solutions and practices
• Experience with cloud security posture management and cloud workload protection platform solutions such as (Aqua Security, Palo Alto Prisma Cloud, Sysdig, Lacework, Orca Security, Wiz)
• Experience with Infrastructure as Code Security solutions such as Bridgecrew, Snyk, and Fugue
• Understanding of service-oriented architecture (REST APIs, micro-services, etc) and security best practices
• DevOps and Architecture experience and certifications with one of the major public cloud providers (AWS, Azure, Google Cloud)
• Experience with securing containers, kubernetes, and AWS Lambda functions
• Experience conducting secure coding training and implementing security champions program
• Experience conducting threat modeling and application penetration testing
• Prior consulting experience is a plus
• Must have excellent interpersonal skills, a high degree of professionalism and the ability to design technology solutions for commercial and large enterprise companies
• Excellent presentation, communication, and writing skills required

The Perks:

• Comprehensive medical, dental and vision plans for you and your dependents
• 401(k) Retirement Plan with Employer Match, 529 College Savings Plan, Health Savings Account, Life Insurance, and Long-Term Disability
• Competitive Compensation
• Training and development programs
• Stocked kitchen with snacks and beverages
• Collaborative and cool office culture
• Work-life balance and generous paid time off

***To all recruitment agencies: Trace3 does not accept unsolicited agency resumes/CVs. Please do not forward resumes/CVs to our careers email addresses, Trace3 employees or any other company location. Trace3 is not responsible for any fees related to unsolicited resumes/CVs.