true Lead Application Security Architect
Join CDW and help protect delivery of full stack technology solutions and global services for 250K+ customers—including corporate enterprise, government, education, and healthcare industries. You will be on a team dedicated to collaborative delivery of a new global information security strategy, operating model, and bjectives to accelerate CDW’s business goals in a secure way.
Your role at CDW is of the utmost importance to the company’s mission, objectives, and reputation. As the Senior Application Security Lead/Architect, you will play a pivotal role in finding weaknesses in CDW’s software technology stack to ensure identification and resolution ahead of adversary detection and exploitation. Your responsibilities include three parts:
Key Areas of Responsibilities
- Perform manual hands-on penetration testing and code reviews to identify security weaknesses across a wide variety of technology solutions, including on-premises applications and SaaS platforms.
- Develop new tactics, techniques, and procedures to identify zero day vulnerabilities across CDW’s critical crown jewel applications and platforms.
- Create proof of concept code and demonstrations to communicate exposure and exploitation outcomes for various audiences.
- Partner with information security coworkers to ensure appropriate logging and detections are in place to identify newly identified offensive security tactics and techniques.
- Mentor junior security architects and penetration testers—ensuring alignment on methodology and tradecraft.
- Participate in CDW’s global Secure Software Development Life Cycle (S-SDLC) program—providing advisory on secure code and architecture patterns to ensure consistent, repeatable, and scalable security across common application, API, and platform use cases.
- Produce detailed technical reports, public blog posts, and articles—boosting CDW’s industry reputation while enhancing your brand.
- Follow common practices to responsibly disclose zero day vulnerabilities impacting vendor products.
Education and/or Experience Qualifications
- Bachelor’s Degree
- 10 Years of experience Information Security
Who you are:
- You thrive on making an impact—for your team, your company, and the industry
- You are extremely hands-on with a passion for technology
- You do not accept the status-quo, and always strive to improve
- You are eager to learn and seek professional development continuously
- You are resourceful, open-minded, analytical and enjoy solving complex problems
- You are diligent and self-motivated
What we are looking for:
- We value experience, skills, drive, aptitude, and attitude over university degrees and certifications
- Demonstrated track record of vulnerability exploitation across various technology stacks
- Ability to threat model to identify design flaws and security control gaps
- Demonstrated experience in secure software engineering practices—including authentication, authorization, API, and application security