The Security Architect is responsible for developing and improving secure application software development lifecycle practices, secure testing and assessment, and the integration of Security with DevOps. This role is responsible for vulnerability management of application development efforts, implementing application security controls in the cloud, embedding and automating security controls in DevOps, and helping development teams identify and track security risks to remediation.

This position is a Hybrid role in Spring, Texas (Remote Monday and Friday, in Office Tuesday - Thursday).

What You Will Do:

• Develop and maintain software application security policies, standards, and procedures.
• Develop and implement software application security controls, including security best practices for the software development lifecycle.
• Support and consult with product and development teams in application security, including application threat modeling, application architecture reviews, code security reviews and analysis, and application security testing.
• Design technical solutions to address security weaknesses in applications.
• Analyze system services and identify security issues in applications.
• Assist teams in reproducing, triaging, and addressing application security vulnerabilities.
• Assist in identifying and implementing automated tooling to identify and prevent security vulnerabilities and enable an effective DevSecOps environment.
• Communicate the nature and severity of security concerns to the development team.
• Help development teams assess and remediate application security concerns.

What You Will Need:

Education and Experience

• Bachelor's degree in information security or related field of study, or equivalent work experience.
• Minimum of 10 years of work experience within software development or information security.

Knowledge, Skills and Abilities

• Able to work well with software development teams and guide them on secure software development processes.
• Expertise in Azure platform offerings and security best practices.
• Cloud security experience with MS Azure (AWS and/or GCP a strong plus).
• Experience configuring and running WAFs (Web Application Firewalls).
• Experience identifying security threats and vulnerabilities using threat modelling, and code review and analysis.
• Work experience in securing containers.
• Work experience with DevSecOps environments, orchestration, and security tools.
• Work experience with application security processes, tools, and principles, such as: SCA, SAST, DAST, Web Application Firewalls, including API security.
• Application security expertise understanding vulnerabilities and remediation solutions (OWASP, SANS 25).
• Basic development or scripting experience and skills. Ruby, Ruby on Rails, JavaScript, and/or Go are preferred.
• A basic understanding of network and web related protocols (such as HTTP, HTTPS, SSH...).
• Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner.
• Working knowledge of the ABS Health, Safety, Quality & Environmental Management System (applicable to internal candidates).

It Would Be Nice If You Had:

• Professional information security certification (such as: CISSP, CCSP, GWAPT, GWEB, AWS/Azure Solutions Architect) preferred.
• AZ-204: Developing Solutions for Microsoft Azure - preferred.
• AZ-305: Designing Microsoft Azure Infrastructure Solutions - preferred.
• AZ-500: Microsoft Azure Security Technologies - preferred.

Reporting Relationships:

Reports to a Manager or Director Level Position

ABOUT US

We set out more than 160 years ago to promote the security of life and property at sea and preserve the natural environment. Today, we remain true to our mission and continue to support organizations facing a rapidly evolving seascape of challenging regulations and new technologies. Through it all, we are anchored by a vision and mission that help our clients find clarity in uncertain times.

ABS is a global leader in marine and offshore classification and other innovative safety, quality, and environmental services. We're at the forefront of supporting the global energy transition at sea, the application of remote and autonomous marine systems, cutting-edge technical solutions, and many more exciting advancements. Our commitment to safety, reliability, and efficiency is ever-present, guiding our clients to safer and more efficient operations.

About Our Benefits

ABS Bureau proudly offers a variety of industry-leading benefits designed to enhance the life and well-being of our employees and their families. These benefits include, but are not limited to, medical insurance (PPO and HD), dental and vision insurance, Health Savings Account (HSA), Flexible Savings Account (FSA), life insurance, accidental death and dismemberment insurance, disability leave programs, parental leave program, paid holidays, and paid vacation time. The Company provides an Employee Assistance Plan (EAP) that offers support in personal wellness, including work-life services. ABS Bureau also offers a 401K plan with a generous company match, subject to plan requirements.

Equal Opportunity

ABS Bureau is committed to the equal employment opportunity of its employees and prohibits discrimination against any employee or qualified applicant based on race, color, creed, religion, national origin, sex, gender identity, age, disability, marital status, sexual orientation, citizenship status or veteran status, or other non-work-related characteristics that may be protected under the law of the Federal Government or specific state employment laws.

Notice

ABS and Affiliated Companies (ABS) will not pay a fee to any third-party agency without a valid ABS Master Service Agreement (MSA) authorized and signed by Human Resources. Any resume, CV, application, or other forms of candidate submission provided to any employee of ABS without a valid MSA on file will be considered property of ABS, and no fee will be paid.

Other

This job description is not intended, and should not be construed, to be an all-inclusive list of responsibilities, skills, efforts or working conditions associated with the job of the incumbent. It is intended to be an accurate reflection of the principal job elements essential for making a fair decision regarding the pay structure of the job. #ogjs