Head of Application Security & Architecture
2380245 2020/10/06 Security, Privacy and Technology Infrastructure
- The Security Architect/Engineer at Coupang is responsible for designing and implementing security solutions for both Coupang’s internal IT environment and its e-commerce platform.
- The Director/Senior Director of Application Security is responsible for leading a high caliber global security team designing and implementing security solutions for both Coupang’s internal IT environment and its e-commerce platform.
- The ideal candidate should possess a combination of strong technical knowledge across multiple information security domains and a solid development background.
- The candidate will partner with engineering teams across the company to design, develop, and implement security solutions to identify and close security gaps for AWS cloud and on-premise data center environments.
- The candidate will be an advocate and practitioner of DevSecOps implementing tools driven and highly automated approach to bake security into developer's workflow. The candidate will serve as trusted advisor to engineering teams delivering architecture guidance, leading proof of concept evaluations, and assisting in large-scale implementations.
- This is a unique, exciting opportunity to work on and learn about the latest and greatest technologies in the cloud, security, and DevSecOps.
- Build and manage a high caliber team of security architects and engineers including hiring, developing, supporting, and motivating team members to drive results and achieve team goals
- Provide guidance and subject matter expertise in infrastructure, application & data security to engineering teams across the company
- Apply risk-based thinking enabling teams to make the right security decisions and priorities
- Identify gaps in existing security architecture and design and recommend changes or enhancements
- Develop and promote the adoption of security patterns and practices of using AWS and other internal and third-party services
- Build tools and automation that enable Coupang developers to easily consume security services delivered by the security team
- Partner with platform and engineering teams to integrate security controls into continuous integration, delivery and deployment processes
- Build strong relationships with Coupang's technical teams and cultivate a culture of security awareness and ownership
- Provide hands on security training and secure coding best practices to developers
- Strong foundation and in-depth technical knowledge in security engineering, computer and network security, authentication and security protocols, and applied cryptography
- Understanding of Software Security Architecture and Design, SDLC and the ability to clearly articulate best practices for application security
- Hands on experience in Threat Modeling, SAST, DAST, and Web application security including OWASP 10 and SANS 25
- Experience with public cloud environments and technologies, including Amazon Web Services (AWS) or other
- Experience in DevOps environments and automating security controls into the CI/CD process
- Experience with Jenkins or other CI tools and knowledge of technologies like containers and microservices
- Experience in applying maturity model-based methods (BSIMM or OpenSAMM) to an application security program will be considered a plus
- Bachelor degree in Information Technology, Computer Science or a related field or equivalent experience