at CDW LLC in Vernon Hills, Illinois, United States
Job Description
Join CDW and help protect delivery of full stack technology solutions and global services for 250K+ customers-including corporate enterprise, government, education, and healthcare industries. You will be on a team dedicated to collaborative delivery of a new global information security strategy, operating model, and bjectives to accelerate CDW's business goals in a secure way.
Your role at CDW is of the utmost importance to the company's mission, objectives, and reputation. As the Senior Application Security Lead/Architect, you will play a pivotal role in finding weaknesses in CDW's software technology stack to ensure identification and resolution ahead of adversary detection and exploitation. Your responsibilities include three parts:
Key Areas of Responsibilities
Vulnerability Research
Perform manual hands-on penetration testing and code reviews to identify security weaknesses across a wide variety of technology solutions, including on-premises applications and SaaS platforms.
Develop new tactics, techniques, and procedures to identify zero day vulnerabilities across CDW's critical crown jewel applications and platforms.
Create proof of concept code and demonstrations to communicate exposure and exploitation outcomes for various audiences.
Partner with information security coworkers to ensure appropriate logging and detections are in place to identify newly identified offensive security tactics and techniques.
Mentor junior security architects and penetration testers-ensuring alignment on methodology and tradecraft.
Architecture Advisory
Participate in CDW's global Secure Software Development Life Cycle (S-SDLC) program-providing advisory on secure code and architecture patterns to ensure consistent, repeatable, and scalable security across common application, API, and platform use cases.
Responsible Disclosure
Produce detailed technical reports, public blog posts, and articles-boosting CDW's industry reputation while enhancing your brand.
Follow common practices to responsibly disclose zero day vulnerabilities impacting vendor products.
Education and/or Experience Qualifications
Bachelor's Degree
10 Years of experience Information Security
Required Qualifications
Who you are:
You thrive on making an impact-for your team, your company, and the industry
You are extremely hands-on with a passion for technology
You do not accept the status-quo, and always strive to improve
You are eager to learn and seek professional development continuously
You are resourceful, open-minded, analytical and enjoy solving complex problems
You are diligent and self-motivated
What we are looking for:
We value experience, skills, drive, aptitude, and attitude over university degrees and certifications
Demonstrated track record of vulnerability exploitation across various technology stacks
Ability to threat model to identify design flaws and security control gaps
Demonstrated experience in secure software engineering practices-including authentication, authorization, API, and application security
CDW is an affirmative action/equal opportunity employer committed to a diverse and inclusive workplace.
