Job Description

Nice to meet you!

We’re the leader in analytics. Through our software and services, we inspire customers around the world to transform data into intelligence – and questions into answers.

We’re also a debt-free multi-billion-dollar organization on our path to IPO-readiness. If you’re looking for a dynamic, fulfilling career coupled with flexibility and world-class employee experience, you’ll find it here.

About the job

The role involves efforts across peer teams, divisions, and product groups to deliver product security strategy, standards, and guidance leading to an increased security posture for secure by default software and development environments. It also includes working with engineering teams to make strategic technology recommendations and identify areas of opportunity for automation and improvement and defines plans to close security gaps

As a Product Security Architect, you will:

• Work in active partnership with development teams in identifying and building solutions to secure code and the implementation of application vulnerability scanning and penetration testing.
• Develop and promote secure design patterns and technical standards for IOT, web, mobile, cloud applications, and digital services.
• Review application architectures, identify security gaps, and help improve the security posture of business-critical multi-tier applications in legacy, hybrid cloud, and public cloud environments with refactoring and promotions between the environments.
• Perform periodic secure design and coding assessments to diagnose, triage, and proposes remediation's for vulnerabilities and weaknesses in code and applications, considering code, design, and deployment.
• Drive integration of application security tools and practices into the enterprise DevOps practice or CI/CD pipeline.
• Drive secure architecture design and threat modeling for products and capabilities for all deployment environments.
• Research latest security best practices for the implementation of security tools (e.g., SCA, SAST, DAST, IAST, and WAF) , staying abreast of new threats and vulnerabilities and helps disseminate this information to appropriate groups within the organization.
• Assist in the development and successful execution of the SAS software security strategy by contributing to security standards, best practices, and training on Application Security concepts, practices, and initiatives.
• Report on the posture of the organization’s security initiatives and makes strategic recommendations to improve security maturity.
• Design and drive security projects and processes at various levels throughout the organization, from product team level to cross-divisional levels.
• Lead development group discussions on vulnerability mitigation, good coding practices, and security risks.
• Identify new requirements and/or enhancements to standards, tools, and processes.

Required Qualifications

• 9+ years of secure software development, secure system architecture and design, or related experience. 2+ years of demonstrable experience in developing, adopting, leading software security best practices.
• Education requirement. B Tech, MCA, or equivalent
• Equivalent combination of education, training and experience may be considered in place of the above qualifications.
• Mastery in applying software security theories, principles, concepts, and methodologies to innovative solutions.
• Strong domain expertise and technology implementation/ integration experience in one or more areas such as Identity & Access Management, Cloud Security, End point Security, Data Protection, Network Security, Application Security, and Container Security.
• Responsible for the planning, design and build of security architectures.
• Ability to document and develop internal software security procedures.
• Knowledge of software development processes and Quality Standards.
• You’re curious, passionate, authentic and accountable. These are our values and influence everything we do.

Preferred Qualification

• ANS, GIAC, or ISACA certification, CEH, CCSP, or CSSLP, CISSP certification preferred.

Diverse and Inclusive

At SAS, it’s not about fitting into our culture – it’s about adding to it. We believe our people make the difference. Our diverse workforce brings together unique talents and inspires teams to create amazing software that reflects the diversity of our users and customers. Our commitment to diversity is a priority to our leadership, all the way up to the top; and it’s essential to who we are. To put it plainly: you are welcome here.

Additional Information

Please insert appropriate compliance verbiage for your country.

S AS only sends emails from verified “sas.com” email addresses and never asks for sensitive, personal information or money. If you have any doubts about the authenticity of any type of communication from, or on behalf of SAS, please contact Recruitingsupport@sas.com.

You are welcome here.

At SAS, it’s not about fitting into our culture – it’s about adding to it. We believe our people make the difference. Our inclusive workforce brings together unique talents and inspires teams to create amazing software that reflects the diversity of our users and customers.

Additional Information:

Please insert appropriate compliance verbiage for your country.

SAS only sends emails from verified “sas.com” email addresses and never asks for sensitive, personal information or money. If you have any doubts about the authenticity of any type of communication from, or on behalf of SAS, please contact Recruitingsupport@sas.com.

Let's stay in touch! Join our Talent Community to stay up to date on company news, job updates and more.

#SAS