Senior Application Security Architect

The Senior Application Security Architect is responsible for validating that application services are designed and implemented with high security standards. The role is focused significantly on application program interfaces (APIs), and the architect spends a large percentage of time developing and supporting security controls for API services. Additionally, the architect establishes an application security vision with sustainable standards and processes. An influential member of the team, the architect is a primary liaison with the security, engineering and technology teams.

• Influence secure API development standards and implementations across multiple platforms
• Adopt security standards for the API lifecycle and disseminate them across development and security teams
• Enforce rigorous security controls with internal and external constituents, and follow through for verification and consistency
• Document and provide ongoing maintenance of materials to eliminate discrepancies in development and security best practices.
• Focus on automation to aid in efficiencies with both testing and production
• Develop authentication and authorization security requirements to adhere to credential storage, privilege management and authenticity standards; support role- and attribute-based access control
• Work in Tandem with developers to provide repetitive validation testing prior to production that allows for a continuous cycle of development followed by application security assessments
• Regularly monitor the security community for public-facing security issues as well as to learn new tactics for securing data transmissions and reducing attack exposure
• Attend and participate in application projects and change management committee meetings. This includes interacting with business units and technical teams to understand what is coming and how projects can be more secure from the beginning
• Leverage security standards and implementation configurations, as well as common security frameworks
• Document secure delivery and implementation advancements that meet defined service-level agreements (SLAs) and business metrics
• Align with architects and development teams for a mission of secure design and data integrity preservation among users, apps and infrastructure
• Develop security test plans from architectural designs, identify deficiencies and make enhancements to ensure production is not impacted
• Actively participate in and lead security team meetings that facilitate secure design
• Be highly engaged in information security projects that evaluate existing security infrastructure and proposed changes as defined by security leadership and architects; deliver projects on time, within budget and in accordance with SLAs

• At least 5+ years' experience in cybersecurity preferred, including compliance and risk management with system and application security engineering
• Highly technical and analytical with a proven deep background in application programming (5+ years above and beyond cybersecurity experience preferred)
• Established experience with Agile and software development lifecycle (SDLC) practices
• Experience in DevSecOps to integrate security principles into the development process, such as vulnerability code review, development security frameworks, testing, and integration of such processes within a CI/CD pipeline
• Assess and understand security requirements of the Clean Harbors network, including impacts on bandwidth, latency, availability, and confidentiality
• Proficient in Data security concepts pertaining to data with physical security, access controls, logical application security including visibility and data protection
• Experienced with REST and SOAP development and security controls.
• Experience with .NET Java, Python, C+, Angular, etc. and the ability to drive a security by design approach within the software development lifecycle
• Knowledge of security fundamentals for software-as-a-service (SaaS) application integrations and effective use and security configuration of Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) within Azure and Oracle Cloud environments
• Solid understanding of network and web protocols
• Skillful in single sign-on (SSO), OAuth 2.0, OpenID Connect and SAML
• Proven excellence in communicating business risk from cybersecurity topics
• Knowledge of practices and guidance emerging from OWASP, NIST and SANS, among others
• Experienced working with API gateways such as Ws02, Oracle OIC and Azure Gateway
• Experienced with securing intra-company and third-party APIs

Clean Harbors is an equal opportunity employer. We do not discriminate against applicants due to race, ancestry, color, sexual orientation, gender identity, national origin, religion, age, physical or mental disability, veteran status, or on the basis of any other federal, state/provincial or local protected class.

Clean Harbors is a Military & Veteran friendly company.

.CH