Application Security Architect

Veeva Systems is a mission-driven organization and pioneer in industry cloud, helping life sciences companies bring therapies to patients faster. As one of the fastest-growing SaaS companies in history, we surpassed $3B in revenue in our last fiscal year with extensive growth potential ahead.

At the heart of Veeva are our values: Do the Right Thing, Customer Success, Employee Success, and Speed. We're not just any public company – we made history in 2021 by becoming a public benefit corporation (PBC), legally bound to balancing the interests of customers, employees, society, and investors.

As a Work Anywhere company, we support your flexibility to work from home or in the office, so you can thrive in your ideal environment.

Join us in transforming the life sciences industry, committed to making a positive impact on its customers, employees, and communities.

The Role

As an Application Security Architect, you are a security expert and evangelist. You provide subject matter expertise and security guidance to product engineering teams and IT to design and build secure solutions, drive the implementation of security best practices, establish security architecture standards and patterns, and perform security architecture reviews.

You will partner with other security leads to grow the security program, mentor junior security team members, measure adherence, suggest and implement changes, develop roadmaps, present to steering committees and engineering teams, and promote security awareness company wide.

What You'll Do

• Build strong relationships and effectively influence Veeva’s product and IT engineering
• Translate security risks to business impact
• Research, prioritize, coordinate, and communicate security solution recommendations
• Provide security architecture advice in support of product application development, cloud infrastructure, and enterprise technology projects
• Perform code analysis, application security reviews, and contribute to the application security training program
• Stay current with security technologies and make usage recommendations
• Maintain an expert knowledge level of Information Security and the related issues, systems, processes, products, and services.

Requirements

• Excellent written and verbal communication
• Ability to evangelize technical security needs to product leadership and engineers
• Broad experience with information, system, and network security concepts and components
• Demonstrated experience with architecture and security reviews, threat modeling applications and identifying areas of risk
• Experience implementing strategies to support secure and compliant architectures
• Deep understanding of the OWASP Top 10 application security risks and how to address them
• Expert knowledge of Amazon AWS, Microsoft Azure or other cloud computing platform offerings and security related services
• Experience with web application security scanning software and related assessment tools such as SAST/DAST/SCA
• Working knowledge of encryption, hashing, secure random number generation, key derivation, key management, digital signatures
• Understanding of internet-scale, distributed, multi-tenant architecture and services.
• Knowledge of Java and the Java Ecosystem. Proficiency with Python, JavaScript and other scripting languages
• BS in Computer Science or equivalent with 10+ years of experience

Nice to Have

• Experience with assessing and providing recommendations for securing generative AI solutions
• Working knowledge of the Microsoft Security Development Lifecycle (SDL), OWASP Software Assurance Maturity Model (SAMM), or Building Security in Maturity Model (BSIMM).
• Familiar with compliance regulations like; ISO, GDPR, SOC2, SOX
• MS in Cyber Security, Information Security, MIS or equivalent
• Industry security certifications such as CISSP or others
• Experience in Application penetration testing, CTF competitions, CVE research and/or Bug Bounty recognition
• Experience in Web and Mobile (Android/iOS) based application/service assessment

#RemoteUK

#LI-MidSenior

Veeva’s headquarters is located in the San Francisco Bay Area with offices in more than 15 countries around the world.

As an equal opportunity employer, Veeva is committed to fostering a culture of inclusion and growing a diverse workforce. Diversity makes us stronger. It comes in many forms. Gender, race, ethnicity, religion, politics, sexual orientation, age, disability and life experience shape us all into unique individuals. We value people for the individuals they are and the contributions they can bring to our teams.

If you need assistance or accommodation due to a disability or special need when applying for a role or in our recruitment process, please contact us at talent_accommodations@veeva.com.