REGISTRIEREN
Zurück zur Stellenangebote
XX
Application Security ArchitectAlarm.comVirginia, Minnesota, United States
Ähnliche Jobs finden

Dieses Stellenangebot ist nicht mehr verfügbar

XX

Application Security Architect

Alarm.com
  • US
    Virginia, Minnesota, United States
  • US
    Virginia, Minnesota, United States
Ähnliche Jobs finden

Über

Do you love diving deep into complex systems? Are you passionate about helping engineering teams ship secure, high‑quality software? Do you get energy from solving practical security problems at scale and partnering closely with developers, architects, and product teams? If so, we’d love to talk to you. Alarm.com is looking for an Application Security Architect to join our growing security organization—initially as the primary owner of application security, with the opportunity to help shape and potentially build the AppSec function over time. You’ll play a hands‑on, influential role in shaping how we build secure software across a diverse ecosystem—including mobile apps, cloud services, on‑prem systems, IoT devices, and emerging AI‑powered features. You’ll collaborate with engineers across the company, participate in design reviews, lead threat modeling, and help teams adopt secure development practices that keep our customers and partners safe. Alarm.com offers an environment where you can meaningfully impact both technology and culture. You’ll work with smart, friendly engineers, cutting‑edge products, and a platform that spans everything from home automation to large‑scale data processing. If you enjoy a blend of deep technical work, cross‑team partnership, and practical security engineering, this could be the perfect place to grow your career. What You'll Do
Vulnerability Management: Triage and track inbound findings from SAST, DAST, IAST, SCA tools, and external sources (bug bounty, penetration tests). Maintain strong awareness of vulnerability trends and exploitability. Prioritize remediation using a risk-based approach, partnering directly with engineering teams. Secure SDLC Integration: Partner with engineering and platform leadership to embed security practices throughout the development lifecycle. Influence and evolve the AppSec tooling and automation roadmap—including emerging AI‑assisted capabilities—through prototyping, evaluation, and feedback. Threat Modeling & Design Reviews: Lead threat modeling and participate in feature‑team design reviews to ensure security best practices are applied across new features and architectural changes. Collaborate early with engineers, architects, and tech leads during design sessions to identify risks, guide secure design decisions, and embed security into system architecture. Code & Application Reviews: Perform deep, targeted reviews of high‑risk code paths, APIs, authentication/authorization flows, and sensitive components. Coordinate with Penetration Testers, Red Teams, and Compliance teams to ensure holistic coverage. AI & LLM Security: Partner with teams adopting AI and LLM‑based systems—both internal tooling and production features—to ensure secure design, model and data protection, prompt/input validation, and safe integration patterns. Assess and mitigate risks related to data leakage, model behavior, supply chain concerns, and emerging AI security threats. Automation & Tooling: Build and maintain security automation integrated into CI/CD pipelines. Automate detection, validation, and developer‑friendly remediation workflows to improve signal quality and reduce friction. Developer Guidance & Training: Serve as a domain expert and partner to engineering teams. Deliver workshops, provide secure coding guidance, and help teams adopt effective security controls and testing practices. Cloud Application Security: Advise on application‑layer security in cloud‑native environments, including identity, secrets management, network exposure, and service‑to‑service authentication. IoT Device & Platform Security: Provide security guidance for IoT devices and platform components, including OSS dependency risk analysis and security considerations for legacy or constrained devices. Security Policy & Compliance: Translate policy and compliance requirements into practical guidance for developers. Contribute to policy evolution and support audit activities as needed. Incident Response: Collaborate with InfoSec during security incidents and investigations. Maintain and evolve runbooks and contribute to post‑incident reviews to drive systemic improvements.
Required Skills & Experience
10+ years of experience in application security, software engineering, or related technical security roles (8+ acceptable for exceptionally strong candidates). Knowledge of application security best practices across both cloud and on‑prem environments, including cloud‑hosted Kubernetes and related cloud services. Hands‑on experience with AppSec tooling and techniques (SAST, DAST, SCA, IAST, WAF, etc.). Strong understanding of vulnerabilities, exploitability, and security principles (e.g., OWASP Top 10, secure design patterns). Experience with CI/CD pipelines and DevSecOps practices. Demonstrated ability to influence engineering teams and drive security outcomes without relying on authority. Strong analytical thinking, practical problem‑solving skills, and a balanced approach to technical risk. Excellent written and verbal communication skills, capable of explaining complex security issues to both technical and non‑technical audiences. Experience with GitHub Advanced Security (including code scanning, secret scanning, and dependency insights) is preferred. Familiarity with AI and LLM security concepts—such as model hardening, prompt/input validation, data protection, and the OWASP Top 10 for LLMs—is preferred.
Why work for Alarm.com?
Collaborate with outstanding people: We hire only the best. Our standards are high and our employees enjoy working alongside other high achievers. Make an immediate impact: New employees can expect to be given real responsibility for bringing new technologies to the marketplace. You are empowered to perform as soon as you join the Alarm.com team! Gain well rounded experience: Alarm.com offers a diverse and dynamic environment where you will get the chance to work directly with executives and develop expertise across multiple areas of the business. Focus on fun: Alarm.com places high value on our team culture. We even have a committee dedicated to hosting a stand‑out holiday party, happy hours, and other fun corporate events. Alarm.com values working together and collaborating in person. Our employees work from the office 4 days a week.
COMPANY INFO Alarm.com is the leading cloud‑based platform for smart security and the Internet of Things. More than 7.6 million home and business owners depend on our solutions every day to make their properties safer, smarter, and more efficient. We’re seeking those who are passionate about creating change through technology and who want to make a lasting impact on the world around them. #J-18808-Ljbffr
  • Virginia, Minnesota, United States

Sprachkenntnisse

  • English
Hinweis für Nutzer

Dieses Stellenangebot wurde von einem unserer Partner veröffentlicht. Sie können das Originalangebot einsehen hier.

Ähnliche Jobs finden