Application Security Architect at LogRhythm

| Greater Boulder Area
Sorry, this job was removed at 11:09 a.m. (MST) on Thursday, March 11, 2021
Find out who's hiring in Colorado.
See all Developer + Engineer jobs in Colorado
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

About us:

LogRhythm, a Thoma Bravo company, empowers more than 4,000 customers across the globe to measurably mature their security operations program. LogRhythm’s award-winning NextGen SIEM Platform delivers comprehensive security analytics; user and entity behavior analytics (UEBA); network detection and response (NDR); and security orchestration, automation, and response (SOAR) within a single, integrated platform for rapid detection, response, and neutralization of threats. Built by security professionals for security professionals, LogRhythm enables security professionals at leading organizations like NASA, XcelEnergy, and Temple University to promote visibility for their cybersecurity program and reduce risk to their organization each and every day. LogRhythm is the only provider to earn the Gartner Peer Insights Customers’ Choice for SIEM designation three years in a row.  

Who we are looking for:

LogRhythm is seeking an Application Security Architect that will lead the design and implementation of application security architecture, infrastructure, and processes to align to our company and product needs.  You will be responsible for ensuring LogRhythm products adhere to corporate and product certification requirements, securing LogRhythm’s development and production environments, and protecting customer data.

You and your team will perform application security assessments, architecture reviews, threat modeling, code reviews, and raise developer awareness of security best practices. You will partner closely with our development teams to produce secure solutions. You will work cross functionally with your peers in the engineering organization as well as leaders in other business units. 

Here’s an overview of the responsibilities & challenges ahead:

  • Develop a detailed roadmap for the security of LogRhythm’s products.  Define, plan, and measure the progress of security projects.  Report status on project progress and recommend correction as needed.
  • Lead penetration testing and other regular security assessment tests of LogRhythm’s products and operational environments.  Review assessment reports and coordinate with engineering to ensure findings are remediated.
  • Lead the design and implementation of the DevSecOps pipeline integrating security into the CI/CD pipeline of LogRhythm’s products. 
  • Create and foster a cross-functional DevSecOps culture in developing, deploying, and monitoring complex applications and mission critical infrastructure.
  • Collaborate with GRC and engineering to design and implement technical solutions to meet compliance standards (SOC2, ISO27001, GDPR, Privacy Shield, HIPAA, PCI, FedRAMP, CMMC, DISA APL, FIPS and Common Criteria, etc.).
  • Ensure that security is represented throughout the product SDLC from requirements, to design, implementation, deployment and continuous monitoring in operations.
  • Organize and administer security training relevant to engineers such as those based on the OWASP Top 10 Application Security Risks to raise security awareness.  Publish security standards and best practices for engineering teams.
  • Be a champion of security throughout the organization by defining best practices and pushing for both technical and cultural change.
  • Develop, document, implement, and enforce policies and procedures relevant to application security such as code reviews, vulnerability management, configuration management, audits, etc.
  • Provide coaching and mentorship to junior team members.

About you:

  • Bachelor’s degree in Computer Science, Management Information Systems, Engineering or related field, or equivalent work experience.
  • 10+ years experience in Information Security Engineering, in a mix of both technical and management capacity.
  • Previous success in building effective collaboration between AppSec and Engineering teams.
  • Deep understanding of web application architecture and design principles
  • Direct experience performing security design reviews for complex applications, including distributed systems, APIs, and services deployed to cloud, on-premise, and hybrid environments
  • Previous experience with penetration testing web-based SaaS applications and systems operating out of Cloud infrastructure (AWS, GPC, Azure, etc.).
  • Previous experience in software engineering, secure coding best practices, and security code reviews in at least one of the following: Java, JavaScript, Go, C#, Python.
  • Understanding of compliance standards and how they impact software products and cloud operations.
  • Contributions to the security community a plus: research papers, public CVEs, conference talks, open source, etc.
  • Security and project management certifications a plus: CISSP, CISM, PMP, etc.

Salary and Other Compensation;        

  • The annual starting salary for this position is between $175,000- $225,000 depending on experience and other qualifications of the successful candidate.

Benefits:

LogRhythm offers the following benefits for this position, subject to applicable eligibility requirements;

  • Medical
  • Vision
  • Dental
  • HSA
  • FSA
  • 401k plan
  • Flexible time off
  • Employee assistance program
  • Employees are eligible to receive incentive units

Additional information;

  • Created:/ Revised Date: - 5th February 2021
  • Reporting to: - Director of Security/Deputy CISO
  • Location: - Boulder, Colorado (will consider US remote working)
  • Employment Status: - Full Time
  • FLSA/ Applicable State Law Status- Except

Workplace equality & inclusion are not just words or topics for LogRhythm, they are part of our core values, beliefs, and integral to our company culture. We hire the best of the best and do not discriminate based on race, gender, age, religion, sexual orientation, identity, or other personal factors. LogRhythm was built on the principals of innovation, dedication, creativity, and commitment. It is through these key areas we were able to grow as an equal and inclusive workplace, one where our employees feel respected and safe in.

Disclaimer: The salary, other compensation, and benefits information is accurate as of the date of this posting. The company reserves the right to modify this information at any time, subject to applicable law.

Read Full Job Description
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
    • GolangLanguages
    • JavaLanguages
    • PythonLanguages

Location

4780 Pearl East Circle, Boulder, CO 80301

An Insider's view of LogRhythm

How do your team's ideas influence the company's direction?

As a security-first company, our security teams have direct influence on the direction of the products and services we deliver to our customers and to the security market. Everybody has great ideas and experiences, and we want our employees to contribute and feel empowered by the impact they have on the company, our customers, and the greater good.

James Carder

Chief Security Officer & Vice President of Labs

What are LogRhythm Perks + Benefits

LogRhythm Benefits Overview

Free Food- Lunch every Friday is on us. And to get you through those other days, there’s Monday cinnamon rolls, fro-yo gatherings and plenty of birthday cake.

LoGiving- We are dedicated to giving back and empowering our employees, customers, and communities.

Wellness- We are competitive when it comes to wellness. Sign up for our activity competition and get a free fitness tracker. Discounted gym memberships, annual health screenings and flu shots are here for you, too.

While at work- On-site yoga, gym, pool bikes, ping-pong, foosball and weekly meditation. Or get outside on the Boulder Creek Path.

Employee referral program- We know the best people know the best people.

Health- Benefits include top-of-the-line health insurance and a generously funded HSA.

Work life balance- We mean it. Flex time off, 12 sick days, 9 company holidays and company-sponsored volunteering opportunities. Oh and take your birthday off — it’s policy.

Culture
Volunteer in local community
Our employees participate in a number of volunteer activities every year, such as the Pedal 4 Possible charity bike ride and Boulder Open Space cleanups.
Partners with Nonprofits
Every year, we run donation drives for Coats for Colorado and Community Food Share. We also participate in a number of other activities organized by our Logiving committee.
Friends outside of work
Eat lunch together
Intracompany committees
To support our community, LogRhythm created Logiving, a committee of LogRhythm employees across the company dedicated to giving back. To read about their work, visit logrhythm.com/about/logiving/
Daily sync
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Diversity
Dedicated Diversity/Inclusion Staff
Hiring Practices that Promote Diversity
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
LogRhythm employees can contribute up to $2700 annually to their FSA for the 2019-2020 plan year.
Disability Insurance
Disability insurance covers 60% of base weekly pay for short-term disability insurance and 60% of base monthly pay for long-term disability insurance.
Dental Benefits
Vision Benefits
Health Insurance Benefits
LogRhythm provides health insurance benefits.
Life Insurance
Life insurance is offered in $10,000 increments up to $1,000,000 or up to six times annual salary, whichever is less.
Pet Insurance
LogRhythm provides access to pet insurance.
Wellness Programs
LogRhythm's health and wellness programs include the bi-annual Biggest Logger competition and corporate discounts to certain fitness clubs.
Onsite Gym
Team workouts
LogRhythm's fitness offerings include an on-site gym, yoga classes, and the bi-annual Biggest Logger competition.
Retirement & Stock Options Benefits
401(K)
Performance Bonus
Match charitable contributions
Child Care & Parental Leave Benefits
Generous Parental Leave
LogRhythm provides up to 8 weeks of parental leave (and 12 weeks of FMLA) for the primary caretaker and the secondary caretaker.
Flexible Work Schedule
LogRhythm provides employees with a flexible work schedule, including flexible start and end times.
Remote Work Program
Our remote work program includes full-time remote work for specific positions, as well as the ability for on-site employees to work remotely as needed.
Family Medical Leave
Company sponsored family events
LogRhythm offers multiple family-oriented events every year, including Logtoberfest, Bring Your Child to Work Day, and Bring Your Dog to Work Day (DogRhythm).
Vacation & Time Off Benefits
Unlimited Vacation Policy
Paid Holidays
Paid Sick Days
LogRhythm offers paid sick days.
Perks & Discounts
Casual Dress
Commuter Benefits
Company Outings
Company outings at LogRhythm include Logtoberfest and summer happy hours.
Game Room
Stocked Kitchen
LogRhythm has fully stocked kitchens, including unlimited coffee, tea, soda, and sparkling water. There are also vending machines in each building.
Some Meals Provided
Happy Hours
Happy hours are hosted on occasion .
Parking
LogRhythm offers employees free on-site parking.
Pet Friendly
LogRhythm participates annually in Bring Your Dog to Work Day.
Recreational Clubs
LogRhythm sponsors office sports leagues, including softball and hockey.
Fitness Subsidies
Professional Development Benefits
Job Training & Conferences
LogRhythm encourages professional development, including by offering opportunities for on-site and virtual training.
Diversity Program
Lunch and learns
LogRhythm hosts lunch and learn meetings for employees throughout the company.
Cross functional training encouraged
Promote from within
Mentorship program
Our mentorship program includes leadership mentoring.
Online course subscriptions available

Additional Perks + Benefits

Flexible Paid Time Off, Birthdays required off. Free Food Fridays. Yoga and Meditation Classes. Foosball, Ping Pong and Arcade Games.

More Jobs at LogRhythm21 open jobs
All Jobs
Data + Analytics
Dev + Engineer
Internships
Operations
Project Mgmt
Sales
Content
Sales
new
Remote
Sales
new
Remote
Developer
new
Remote
Sales
new
Remote
Sales
new
Remote
Content
new
Boulder
Data + Analytics
new
Boulder
Operations
new
Boulder
Internships
new
Boulder
Developer
new
Remote
Developer
new
Denver
Project Mgmt
new
Remote
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView LogRhythm's full profileSee more LogRhythm jobs