Product Security Architect

Careers at Bloomberg

Back to Search

New York, NY

Posted Dec 3, 2018 - Requisition No. 54833

Our Team:

We protect Bloomberg. The Product Security Architecture team is dedicated to making our products and technologies as secure as possible. We report into the CISO, but work closely with development teams, product teams, and others across the organization to integrate security into the product lifecycle from design through deployment. Our colleagues depend on us to be application, network, and host security pros. We specialize in defining security requirements, performing application security assessments, and providing developers with remediation advice. On any given day we're pulled in to evaluate a new system, review a proposed network change, or provide guidance on application security/coding best practices.

We'll Trust You To:

  • Work independently with developers, system/network administrators, product owners, and other colleagues to ensure secure design, development, and implementation of applications and networks
  • Perform security design reviews of applications, systems, and networks
  • Perform code reviews of large applications, manually and using static analysis tools
  • Provide remediation guidance and recommendations to developers and administrators
  • Define security best practices and standards

You'll Need To Have:

  • Experience working with development teams to build secure solutions
  • Experience breaking down complex systems and applications to find flaws
  • Proficiency in reading, writing, and auditing C++ or Javascript and the ability to pick up new languages/technologies
  • Familiarity with common vulnerabilities and attack vectors
  • Knowledge of ubiquitous encryption technologies (PGP, SSH, SSL, etc.) and common authentication protocols (OpenID Connect, OAUTH, SAML, RADIUS, LDAP, KERBEROS, etc.)
  • Solid understanding of secure network and system design
  • The ability to communicate complicated technical issues and the risks they pose to developers, network engineers, system administrators, and management

We'd Love To See:

  • Experience as a developer
  • A background integrating security testing into the SDLC
  • Experience providing security training to developers
  • Prior work as a consultant at a highly technical information security consultancy
  • Previous work as a technical security architect or related security role in a company where there is a commitment to information security and technology
  • Additional programming languages such as Java, Python, C, C#, Scala
  • Use of static analysis tools

If This Sounds Like You:

Apply if you think we're a good match. We'll get in touch to let you know what the next steps are, but in the meantime feel free to have a look at this:

https://vimeo.com/221034159

Bloomberg is an equal opportunities employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Similar jobs

    The Bloomberg Talent Network

    Stay connected with us and be among the first to learn about new job opportunities. We’ll use the information you provide to help us get in touch with you to align your expertise with our opportunities and better direct our conversations.

    CONNECT WITH US