Application Security Architect

| Greater Denver Area

Overview

The Opportunity:

With 6,000+ clients and over 500,000 screens deployed, FWI’s software platform is driving Visual Communications to millions of people every day, all over the world. We are a values-driven organization that encourages our employees to bring their authentic self to work every day and empowers everyone to make a tangible impact on our products, clients and culture. Our employees are passionate about their craft, but they are also parents, skiers, comedians, runners, animal lovers, foodies and phenomenal human beings who appreciate our dedication to providing a healthy work/life balance.

 

We’re proud to be one of Built In Colorado’s top digital tech companies. At FWI, our culture is important to us. We are a diverse team of talented, passionate people who want to make a difference, but don’t take ourselves too seriously. If our core values speak to you, we want to meet you:

  • Bring your best self
  • See it
  • Own it
  • Crush it
  • Be Gracious

Four Winds Interactive  is actively seeking an Application Security Architect to help us implement and maintain best security practices in our SDLC, which includes but is not limited to, “Privacy by Design” principles, SD3+C methodologies, threat modeling, auditing, secure software code design, security awareness training for engineering, and general application penetration testing. This is an incredible opportunity for someone with a strong background in application penetration testing, to shape and grow an entirely new role at FWI. An ideal candidate will have a background in Engineering/Development, be an excellent collaborator, a leader, and want to make a large impact in a global organization.

The compensation package will be aligned to each candidate’s experience and qualifications. All applicants must be authorized to work in the United States.

 

Responsibilities

Primary Responsibilities:

  • Conduct secure coding training for Software Engineers.
  • Participate in code development.
  • Facilitate our secure SDLC which includes AVS scanning, SD3+C, and PD3+C methodologies, etc.
  • Facilitate security design sessions, documenting the proposed design including diagramming.
  • Perform threat modeling using DREAD and STRIDE.
  • Manual Penetration Testing of our Products and Vendor Products.
  • Review and maintenance of service documentation.
  • Develop detailed vulnerability reports for application owners and management teams.
  • Conduct detailed penetration test report read-outs with application owners and management teams and provide remediation recommendations.
  • Assist with application security standards and policy documentation

Qualifications

Requirements for Success:

  • 3-5 years of experience performing network and application security testing.
  • 5+ years of experience in software engineering working in .NET, JavaScript, React, HTML, AWS Micro Services, Python, and AWS-based lambda.
  • 2+ years working on security principles in software engineering with expert knowledge in Open Web Application Security Project (OWASP) security principles.
  • Working knowledge of software vulnerabilities.
  • Experienced in Network, Web and Mobile technologies and vulnerabilities
  • Familiarity with penetration testing tools such as Nessus vulnerability scanners, BurpSuite Pro, Metasploit, Kali Linux.
  • Excellent organizational, analytical, verbal and written communication skills are essential.
  • Strong customer service skills.
  • Ability to test a variety of projects simultaneously and to learn new tools and security testing methodologies in a team-oriented environment.

Helpful for Success:

  • A Bachelor’s degree in Management Information Systems (or equivalent.)
  • General knowledge of network and software design.
  • Certified Ethical Hacker (CEH) or Offensive Security Certified Professional (OSCP) required.
  • Other security certifications: Systems Security Certified Practitioner (SSCP.)

 

Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status

Read Full Job Description

Technology we use

  • Engineering
    • .NETLanguages
    • C#Languages
    • JavaLanguages
    • JavascriptLanguages
    • ObjectiveCLanguages
    • SwiftLanguages
    • TypeScriptLanguages
    • jQueryLibraries
    • ReactLibraries
    • ReduxLibraries
    • ASP.NETFrameworks
    • Node.jsFrameworks
    • XamarinFrameworks
    • Microsoft SQL ServerDatabases
    • MongoDBDatabases
    • MySQLDatabases
    • RedisDatabases

Location

1221 Broadway Street, Denver, CO 80203

An Insider's view of Four Winds Interactive

What makes someone successful on your team?

We have a values driven culture. Those who thrive at FWI embody those values. They bring their best self every day, they have the ability to see different points of views and identify solutions to problems. Success means taking ownership and accountability while collaborating and building up our colleagues.

Megan Jo

Senior Technical Recruiter

What are Four Winds Interactive Perks + Benefits

Culture
Partners with Nonprofits
Friends outside of work
Eat lunch together
Intracompany committees
Open office floor plan
Diversity
Unconscious bias training
Diversity manifesto
Health Insurance & Wellness Benefits
Dental Benefits
Vision Benefits
Health Insurance Benefits
Wellness Programs
Onsite Gym
Team workouts
Acme Co.'s team fitness initiatives include In-office yoga, In-office fitness classes, Sponsored race teams.
Retirement & Stock Options Benefits
401(K) Matching
Child Care & Parental Leave Benefits
Generous Parental Leave
Remote Work Program
Vacation & Time Off Benefits
Unlimited Vacation Policy
Paid Volunteer Time
Paid Holidays
Perks & Discounts
Casual Dress
Commuter Benefits
Happy Hours
Parking
Professional Development Benefits
Diversity Program
Promote from within
More Jobs at Four Winds Interactive6 open jobs
All Jobs
Dev + Engineer
Operations
Project Mgmt
Sales