This site uses cookies. To find out more, see our Cookies Policy

Cloud Application Security Engineer (AIR - Boston) in Boston, MA at Verisk Analytics

Date Posted: 7/15/2018

Job Snapshot

Job Description




Cloud Application Security Engineer


AIR Worldwide (AIR) is a member of Verisk Analytics Family – recently ranked #18 on Forbes most innovative companies worldwide. We are the scientific leader and most respected provider of risk modeling software and consulting services. We founded the catastrophe modeling industry in 1987 and today model the risk from natural catastrophes and terrorism in 90 countries. AIR offers the opportunity to work with advanced technologies, global clients, and hundreds of the most innovative, talented minds in the industry.

AIR is looking for a Cloud Application Security Engineer who will focus on ensuring that our architecture and software designs meet security requirements in a Cloud/Hybrid environment. You will work closely with our software and product management groups to develop requirements and follow best practices as we build secure products that’s deployed in a Cloud/Hybrid environment.

The Role:

The ideal candidate will be able to work with stakeholders, including IT, business, product, and software development team members to influence the application dataflow design and extensible product platform architecture. 

The role will perform the following (but not limited to) tasks;
  • Serve as a senior cloud application security engineer / SME for high visibility cloud computing initiative 
  • Analyze and design controls to secure public/private/hybrid cloud deployments 
  • Partner with stakeholders to assess public & private cloud services / technologies for security standards compliance 
  • Create      security standards compliant patterns & reference architectures for      public, private, or hybrid cloud deployments 
  • Identify any gaps in existing application security      infrastructure to meet project requirements, work with the Product      Management to identify and roadmap solutions.
  • Consult with      IT and security staff to ensure that security is factored into the      evaluation, selection, installation and configuration of hardware,      applications and software.
  • Perform code analysis,      application security reviews, and develop an application security training      program for developers.


You should have:
  • Bachelor’s degree in technical field with 5+ years’ experience in Application Security
  • Production experience in AWS and/or Azure with focus on application security. 
  • Knowledge and understanding of application or software security such as: web application penetration testing, secure code review, secure static code analysis, and vulnerability remediation 
  • Practical experience in the Information Security Architecture field, with emphasis on application security architecture and authorization
  • Understanding of the OWASP Top 10 application security risks and how to address them
  • Working knowledge of relevant security regulations such as ISO and SOC2 
  • Cloud Security and Architecture related certifications a plus