Security Development Operations Architect

Title: Security Development Operations Architect
Location: New York City, NY
Job Type: Full Time/Permanent

Overview:
The Security Development Operations (SecDevOps) Architect is responsible for the design, development, and implementation of web applications, command-line scripts, and other technical deliverables for the SecDevOps Team within Information Security. The SecDevOps Architect will use agile methodologies and modern development practices to create, operationalize, and support applications that provide essential capabilities to Information Security and other stakeholders.

Core Skillsets/Experience:

• Ten (10) or more years of professional experience designing and developing scalable web applications using the Django framework. (Preference will be given to candidates with additional Node.js experience.)
• Ability to write clean, maintainable code that adheres to application security best practices.
• Extensive experience in creating, securing, and implementing APIs for third-party system integrations.
• Strong understanding of DevOps practices, tooling, and agile methodologies.
• Strong communication and technical leadership skills, comfortable both in front of an audience and at the keyboard.

Essential Job Duties:

• Design, develop, and maintain scalable web applications using modern Python and Node.js frameworks.
• Write clean, maintainable, and secure code following best practices and internal coding standards.
• Write HTML, JavaScript, and CSS to fulfill user interface requirements.
• Create, secure, and implement APIs for data exchange and integration with other systems.
• Write performant SQL queries for relational databases supporting web application functionality.
• Develop and execute unit tests to ensure code quality.
• Debug, diagnose, and correct issues impacting the performance of web applications, scripts, and other solutions.
• Use version control systems (e.g., Git) for all development activities.
• Work with DevOps platforms to manage code repositories, track work, and collaborate with team members.
• Develop CI/CD pipelines to automate and streamline deployments.
• Participate in code reviews and other collaborative technical sessions.
• Create and maintain detailed technical documentation.
• Perform periodic system administration and configuration tasks in Linux server environments.
• Continually improve web application functionality and user experience through collaboration with stakeholders and Information Security leadership.
• Collaborate with project stakeholders to identify emerging requirements, technical gaps, and potential targets for automation.
• Implement and utilize open-source and commercial software solutions to enhance software development practices and improve security.
• Stay up to date on industry trends, new technologies, and best practices.
• Organize and lead technical workshops and user-facing training events.
• Work effectively as part of a team and independently.
• Perform other technical, administrative, and project-related tasks as required.
• Occasional on-site presence may be required; candidates should reside within a commutable distance. No relocation assistance available.

Required Qualifications:

• Bachelor's degree in Computer Science, Information Technology, or a related discipline, or equivalent experience.
• SEC401, Security+, or similar security professional certifications.
• Experience creating web applications using Python frameworks.
• Experience creating web applications using Node.js frameworks.
• Experience writing command-line scripts with Python.
• Experience working with REST APIs.
• Experience writing HTML, CSS, and JavaScript for user interfaces.
• Experience with relational databases and SQL.
• Experience with the Linux operating system.
• 10+ years of relevant web application development experience.
• Experience configuring and administering web and application services in Linux.
• Strong communication skills to present systems proposals to management and customers and provide system diagnoses and resolutions for current systems.
• Strong organizational skills to prioritize work and deliver on complex projects.
• Strong interpersonal skills to interact with customers, leadership, and team members.
• Able to work autonomously and collaboratively.

Preferred Qualifications:

• Knowledge and experience with authentication and authorization mechanisms, including two-factor authentication and federation platforms.
• Knowledge and experience with networking and network security platforms, including SIEM, firewalls, intrusion detection and prevention, web proxies, and internet content filtering.
• Knowledge and experience with security technologies, such as cryptography and encryption products, data handling and classification procedures, and vulnerability remediation.
• Knowledge and experience of security operations orchestration platforms, infrastructure monitoring platforms, and automation fundamentals.

Skills and Certifications (required):

• Bachelor's degree in Computer Science, Information Technology, or a related field.
• SEC401, Security+, or similar security professional certifications.
• 10+ years of relevant web application development experience.