Security & Privacy Architect and SDL Coach

We are looking for a skilled and dynamic Security & Privacy Architect and SDL Coach to join our team and help enhance the security posture of our software development lifecycle. This role requires a strong foundation in code analysis, security architecture, and coaching teams on security best practices. You will collaborate closely with development teams, conduct security assessments, guide secure coding practices, and ensure adherence to industry standards. As a Security & Privacy Architect, your responsibilities will include identifying vulnerabilities and providing actionable recommendations to mitigate security risks. In your role as an SDL Coach, you will assist application teams in integrating security-focused practices into their software development lifecycle (SDLC) while ensuring compliance with regulatory standards like PCI-DSS. Your key responsibilities will involve code analysis, scanning, and remediation. You will configure and operate security scanning tools, perform static and dynamic code analysis, guide teams in remediating vulnerabilities, prioritize critical security issues, and escalate them for immediate resolution when necessary. You will also be responsible for conducting security assessments, offering actionable recommendations to address security gaps, assisting in the design of secure application architectures, and ensuring compliance with security standards. Furthermore, you will conduct Security Development Lifecycle (SDL) Coaching and Assessments, promote the adoption of security best practices, provide coaching and mentoring to developers, and participate in security risk assessments to ensure regulatory compliance. To excel in this role, you should have at least 8 years of experience in application security, possess a strong understanding of secure software development practices, be familiar with security tools and frameworks, and have knowledge of security vulnerabilities and remediation techniques. Additionally, you should have experience with common security frameworks, proficiency in programming/scripting languages, and in-depth knowledge of industry compliance standards. Preferred qualifications include security certifications such as CISSP, CISM, or CISA, experience with cloud security best practices, and familiarity with integrating security practices into DevOps pipelines and workflows. In summary, we are seeking a dedicated individual who can effectively contribute to our team by enhancing our security posture, guiding development teams on security best practices, and ensuring compliance with industry standards.,