Application Security Architect
About Us:
LogicMonitor is the leading SaaS-based performance monitoring platform for enterprise IT.
We love going to work and think you should too. We are customer-obsessed, work as one team, and strive to be better every day. These are our core values. So it's no surprise that we work hard and genuinely have fun working with each other to achieve great things together.
This position can be remote, offering you the flexibility to work out of your home full-time. You'll have easy access to and support from your manager and frequent video meetings to keep you plugged into your team. We are looking for you to bring your expertise, drive, and passion as we expand our global presence and achieve record-breaking success.
LogicMonitor is an equal opportunity employer. We’re committed to creating an inclusive environment for all our employees, where different backgrounds and perspectives are valued and encouraged - regardless of race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. We encourage all people to come as they are.
We operate with integrity, esteem diversity and treat each other fairly and with respect. We strive to find our own versions of personal and professional harmony through community building and holistic growth. We hear time and time again that our awesome people are a huge part of why LMers chose LogicMonitor, love their teams, and choose to stay.
What You'll Do:
The Application Security Architect is an impactful opportunity to own and drive all aspects of software application security as it relates to the LM product architecture. In this position, you will drive and maintain security related design, best practices, and processes within the software development team.
Our goal is to operationalize a DevSecOps program for the software development team distributed across the various locations. As the Application Security Architect, you will play a key leadership role in helping achieve this vision.
Here's a closer look:
- Serve as a subject matter expert on software security with respect to the LM product architecture/design
- Collaborate with the CISO team and PMs on risks, issues and priorities of same
- Collaborate with QA on creating a comprehensive testing strategy
- Communicate to upper management on as needed basis
- Influence development team to better LM coding/development best practices
- Educate development team on an ongoing basis on relevant security dev topics
- Review and influence development detailed design related to security
- Create and evolve a sustainable and strong process related to dev security review (from CI/CD perspective)
- Maintain development security roadmap
- Focus is on "Development" perspective vs. operations/business, but awareness and interaction with other teams will be critical
- Evaluate open source and establish guidelines related to same from security perspective
What You'll Need:
- Bachelor's Degree in Computer Science or equivalent
- Direct experience with Java, Python & Go, with expertise in at least one of these languages
- Direct experience with TLS/SSL, certificates, encryption, authentication and frameworks related to same
- Understanding of benefits/tradeoffs between different API authentication options (API keys, Auth2, JWTs)
- Understanding of Engineering, Operations, and QA processes and interactions (typical of SaaS products). This includes CI/CD pipeline as well as broader product lifecycle
- Ability to review code and software architectures and guide developers on security design decisions
- Experience with static and dynamic security test tools
- Experience with OWASP SAMM
- Understanding/experience with OWASP Top 10, security pillar for the AWS well architected framework
- Experience with managing/understanding Open Source security risks
- Direct experience with AWS, very familiar with AWS security model
Residents of California, click Here to view our California Applicant Privacy Notice.