Principal Application Security Architect

  • Full time
  • Prague
  • Posted 2 weeks ago

DHL Information Services (Europe) s.r.o.

JOB DESCRIPTION About the role: DHL IT Services is a team of + highly skilled IT professionals that keep DHL core infrastructure and international services running smoothly 24/7. We offer world-class IT Solutions and Infrastructure, supporting DHL by Delivering Excellence in a Digital World. We keep international supply chains moving with our cutting-edge IT infrastructure and use big data and machine learning to fight cybercrime across global trade lines.We are looking for an Application Development security professional with a solution mindset and hands-on experience in secure development expertise. You will be a member of the team of Security Architects at DPDHL IT Services. You will provide direction, execution guidance, blueprints, propose innovative solutions, and influence the security of digital solutions for a worldwide logistics company. You will collaborate with DevOps and security teams like Security Engineering, Cyber Defense, Risk and Compliance Management to ensure the adoption and usage of adequate security measures in application development to support the IT Services strategy to become the competitive advantage for the DPDHL Group. What you will do: • Successfully and seamlessly integrate security into a developer’s world • Support the “Sec” in our DevSecOps processes and tools • Create modular SSDLC architecture which will be pluggable into other technologies and CI/CD pipelines • Evaluation and Build of new or missing AppSec capabilities and services (together with InfoSec, DevOps and Product teams) • e.g. SAST, DAST, IAST, SCA, IaC, RASP, Continuous Pentesting, … • Facilitate adoption and implementation of best practices for applications that make DPDHL the number one logistics company • Provide expert recommendations on secure solution architecture & design so that our applications pass any penetration test summa cum laude • Support secure means of integrating open source code and APIs • Assist in the development of automated security testing to validate that secure coding best practices are being used • Stay up-to-date on the latest security threats and the technology being developed to deal with them • Apply industry standard methodologies and frameworks • Support key application security reviews with threat modeling • Act as an authority and advisor for InfoSec, DevOps and Product teams in all AppSec topics You should have experience with: • Application security frameworks, controls and best practices in application build environments • Implementing secure development practices into SDLC and agile development methods • Background and knowledge of threat modeling and risk assessment technologies and methods • Close collaboration with developers and DevSecOps teams • OWASP Top 10 and CWE 25 with a proven track record in implementing and integrating mitigations • Managing application security technologies (SAST, DAST, IaC, SCA, Open Source vulnerability scanning) and common security tools • Familiarity with common security libraries, security controls, and common security flaws • Some knowledge of scripting languages (powershell, perl, javascript, python, etc.) • Communications skills, consulting skills and skills to drive topics in a virtual team spread over several locations • Excellent English and proficient presentation skills Nice to have: • Industry recognized security certifications • Private projects/research focused on Application Security What we offer: • Great team of IT professionals and possibility of technical development • Modern offices in Chodov • Home office possibilities • Permanent contract • Company Car, Pension plan contribution, Long-term Sickness Insurance • CAFETERIA employee benefit program with wide selection of benefits from Edenred • Extra week of holiday (25 days/year), 6 Self-sickness days/year, Full salary compensation for up to 10 days absence due to illness per calendar year, Lunch vouchers fully covered by company • Multisport card, mobile and laptop, fruit days, sport clubs for employees, Referral program……For more details feel free to contact .

To apply for this job please visit cz.talent.com.