Security Solutions Architect | DevSecOps/AppSec (Remote)
- Remote •
- Full Time
Not Available
About the job
Who is Trace3?
Trace3 is a leading Transformative IT Authority, providing unique technology solutions and consulting services to our clients. Equipped with elite engineering and dynamic innovation, we empower IT executives and their organizations to achieve competitive advantage through a process of Integrate, Automate, Innovate.
Our culture at Trace3 embodies the spirit of a startup with the advantage of a scalable business. Employees can grow their career and have fun while doing it!
Trace3 is headquartered in Irvine, California. We employ more than 1,200 people all over the United States. Our major field office locations include Denver, Indianapolis, Grand Rapids, Lexington, Los Angeles, Louisville, Texas, San Francisco.
Ready to discover the possibilities that live in technology?
Come Join Us!
Street-Smart - *Thriving in Dynamic Times*
We are flexible and resilient in a fast-changing environment. We continuously innovate and drive constructive change while keeping a focus on the “big picture.” We exercise sound business judgment in making high-quality decisions in a timely and cost-effective manner. We are highly creative and can dig deep within ourselves to find positive solutions to different problems.
Juice - *The “Stuff” it takes to be a Needle Mover*
We get things done and drive results. We lead without a title, empowering others through a can-do attitude. We look forward to the goal, mentally mapping out every checkpoint on the pathway to success, and visualizing what the final destination looks and feels like.
Teamwork - *Humble, Hungry and Smart*
We are humble individuals who understand how our job impacts the company's mission. We treat others with respect, admit mistakes, give credit where it’s due and demonstrate transparency. We “bring the weather” by exhibiting positive leadership and solution-focused thinking. We hug people in their trials, struggles, and failures – not just their success. We appreciate the individuality of the people around us.
About the Role:
Trace3 is seeking an experienced Application Security Professional to join our fast-growing DevSecOps consulting practice, helping customers evaluate and implement application security solutions. This is a presales role where you will serve as the solutions expert, supporting our sales teams in prospecting, influencing, architecting, and scoping application security solutions for our customers. You will assist in developing application security sales and technical training collateral for customers and internal sales teams. Additionally, you will conduct research and market analysis of leading application security platforms, performing lab testing to validate coverage and efficacy. You will also help our sales teams understand clients' business goals and technical requirements to recommend appropriate application security solutions for their use cases. This includes planning and leading the implementation and adoption of application security platforms, reviewing customer software architecture and source code, providing training for developers and management, and driving solution adoption across multiple development teams.
What You’ll Do:
- Lead presales engagements as the DevSecOps Application Security subject matter expert to Trace3 customers and sales teams nationally
- Work closely with our sales teams throughout the sales process to ensure all the client’s technical needs are understood and met with the best possible solution options
- Drive technical relationships with all stakeholders and support sales opportunities
- Present at client facing and industry events as the SME in application security
- Conduct research analysis and lab testing of application security solutions to evaluate efficacy, use cases coverage, and fit-for-purpose
- Build and maintain application security vendor partner relationships
- Contribute to the development of both customer facing and internal facing presales collaterals
- Contribute to the development of service offering collaterals and service delivery documentations that we can take to market with selected application security solutions
- Champion Agile and DevOps leading-practices, processes, design patterns, and tools in support of DevSecOps transformation
- Assist in services opportunity generation, technical scoping, and Statements of Work (SOW) writing
- Assist in the delivery of application security services
- Assist teams with driving adoption of application security tools and DevSecOps practices as part of customer’s transformation
Qualifications & Interests:
- At least 5 years of Development Experience in any programming language
- Minimum of 5 years of combined hands-on experience as a software engineer, DevOps engineer, or Application Security engineer
- Previous experience working as a Sales Engineer or Solutions Architect working with application security software products or services
- Strong understanding of cloud-native development patterns, microservices architecture, and the deployment and security of applications in cloud-native environments
- Ability to assess customer requirements, identify business problems, and demonstrate proposed solutions
- Programming and scripting proficiency – minimum of two: C#, Java, Typescript, Javascript, Bash, Python, Go
- Hands on experience with various application security tools including SAST, SCA, IAST, DAST, API Security, WAF, and RASP
- Hands on experience implementing and integrating security tools into CI/CD
- Hands on experience integrating and operating commercial application security solutions (SAST/SCA/DAST/IAST) such as Veracode, Fortify, Checkmarx, Synopsys, WhiteSource, Snyk, Invicti, Contrast Security
- Experience delivering secure software based on frameworks such as OWASP SAMM, ASVS, MASVS, CWE, SANS, BSIMM.
- Experience with Agile methodologies such as Scrum and Kanban
- Knowledge of developer tools and environments, project management and bug tracking systems
- Prior experience working at an application security vendor – bonus points
BONUS QUALIFICATIONS:
- Experience with API security solutions such as Traceable, Noname Security, Salt Security
- Understanding of service-oriented architecture (REST APIs, micro-services, etc) and security best practices
- DevOps and Architecture experience and certifications with one of the major public cloud providers (AWS, Azure, Google Cloud)
- Experience with conducting secure coding training, implementing security champions program, threat modeling, or application security testing
- Prior consulting experience is a plus
- Must have excellent interpersonal skills, a high degree of professionalism and the ability to design technology solutions for commercial and large enterprise companies
- Excellent presentation, communication, and writing skills required
The Perks:
- Comprehensive medical, dental and vision plans for you and your dependents
- 401(k) Retirement Plan with Employer Match, 529 College Savings Plan, Health Savings Account, Life Insurance, and Long-Term Disability
- Competitive Compensation
- Training and development programs
- Stocked kitchen with snacks and beverages
- Collaborative and cool office culture
- Work-life balance and generous paid time off
****To all recruitment agencies:* Trace3 does not accept unsolicited agency resumes/CVs. Please do not forward resumes/CVs to our careers email addresses, Trace3 employees or any other company location. Trace3 is not responsible for any fees related to unsolicited resumes/CVs.
Actual salary will be based on a variety of factors, including location, experience, skill set, performance, licensure and certification, and business needs. The range for this position in other geographic locations may differ. Certain positions may also be eligible for variable incentive compensation, such as bonuses or commissions, that is not included in the base salary.Estimated Pay Range$175,000—$200,000 USD
The Perks:
- Comprehensive medical, dental and vision plans for you and your dependents
- 401(k) Retirement Plan with Employer Match, 529 College Savings Plan, Health Savings Account, Life Insurance, and Long-Term Disability
- Competitive Compensation
- Training and development programs
- Stocked kitchen with snacks and beverages
- Collaborative and cool culture
- Work-life balance and generous paid time off
****To all recruitment agencies:* Trace3 does not accept unsolicited agency resumes/CVs. Please do not forward resumes/CVs to our careers email addresses, Trace3 employees or any other company location. Trace3 is not responsible for any fees related to unsolicited resumes/CVs.