5 Architecture Review Jobs

At Cisco, we believe in the power of technology to connect, empower, and drive us towards a simplified future. Our mission is to enable our customers to focus on what truly matters to them, whether it's their students, patients, customers, or businesses. By making networking easier, faster, and more intelligent, we are revolutionizing the way technology works. The modern world thrives on the internet, and at Cisco, we understand that the internet's infrastructure is crucial for its existence. We are dedicated to making the setup, operation, and maintenance of this infrastructure more seamless than ever before. From neighborhood cafes to educational institutions to global hospitality groups with thousands of sites, Cisco ensures connectivity everywhere. As a member of our offensive security team, you will play a vital role in identifying and resolving vulnerabilities in our products, services, and enterprise. Your work will have a significant impact on the security of millions of Cisco users worldwide. Working both independently and in small teams, you will be involved in testing numerous new products each year. At Cisco, our teams are at the forefront of cutting-edge technologies, including artificial intelligence, machine learning, desktop agents, container orchestration in the cloud, and IoT device firmware. We foster a positive culture by hiring, mentoring, and empowering talented individuals who are effective team players. Equal opportunities are provided for all employees to excel, supported by a management team that is committed to continuous organizational improvement. The positive relationship with Cisco provides us with the stability and innovative resources of a larger company, enabling us to transform cloud-based networking. We are confident that you will thrive in our dynamic environment. As an Offensive Security Engineer at Cisco, you will: - Conduct penetration testing on product solutions and perform code reviews of our offerings. - Lead security assessments and penetration tests. - Collaborate with engineers and leaders to prioritize and address vulnerabilities. - Work with software engineers across product teams to enhance product security and deployment practices. - Provide guidance and training on security standards to internal teams and partners. The ideal candidate will possess the following qualifications: - A security-focused individual with a strong background in penetration testing and vulnerability assessments. - A Bachelor's degree in Computer Science, Information Security, or equivalent work experience of 5+ years. - 2+ years of proven experience in hardware security, embedded system penetration testing, and familiarity with authentication and security protocols. - Knowledge of OWASP Web Security Testing Guide (WSTG), OWASP IoT Security Testing Guide (ISTG), and Penetration Testing Execution Standard (PTES). - Excellent communication skills, particularly in written communication. Bonus points for candidates with experience in: - Source code-enabled security assessments and adjacency analysis in languages like C/C++, Golang, Rust, and Ruby. - Proficiency in using and navigating Linux systems. - Familiarity with hardware injection attacks such as EMFI. - Knowledge of secure development lifecycle practices including security requirements, architecture review, threat modeling, and code review. At Cisco, we embrace diversity, inclusion, and collaboration to challenge the status quo. By bringing together different perspectives, we can foster innovation, unlock new possibilities, and unleash the full potential of our people. We are committed to creating an employee experience that promotes appreciation, belonging, growth, and purpose for all.,

DESCRIPTION In Amazon Stores, we ship some of the widest arrays of technology found at any company. From amazon.com to world class machine learning pipelines, from Innovative digital healthcare to no-checkout retail, we push the boundaries of technology in every direction using the globe's largest AWS deployment. As an AppSec engineer, you will collaborate with software development teams to ensure we keep our customers safe while developing these novel services. In a given day, you might be inspecting an application's code for security issues, building a new framework to help our software developers build faster and more securely, or fine-tuning the design for a new service alongside its software developers. The ideal candidate combines technical acumen with an ability to lead by influence and communicate clearly. Technically, this person will be a security generalist with one or more areas of deep expertise. In their communication, they will clearly articulate risks to technical and non-technical audiences alike. Interpersonally, successful candidates will effectively harmonize disparate opinions while effectively prioritizing risks to guide their partners towards secure solutions. Our organization prizes its employees, and we show it through investing in work-life harmony. We have dedicated resources that consistently innovate in reducing on-call time and ensuring the team spend their time on the highest-value tasks. Join the stores AppSec organization to work hard, have fun, and make history! Our team puts a high value on work-life balance. Striking a healthy balance between your personal and professional life is crucial to your happiness and success here, which is why we aren't focused on how many hours you spend at work or online. Instead, we're happy to offer a flexible schedule so you can have a more productive and well-balanced life-both in and outside of work. Key job responsibilities . Creating, updating, and maintaining threat models for a wide variety of software projects . Security architecture and design guidance . Manual and Automated Secure Code Review, primarily in Java, Python and Javascript . Development of security automation tools . Adversarial security analysis using innovative tools to augment manual effort . Security training and outreach for internal development teams . Independently solve security problems that require novel methods or approaches . Influence your team's and partners process, priorities, and choices to improve outcomes About the team Diverse Experiences Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying. Why Amazon Security At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores. Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there's nothing we can't achieve. Inclusive Team Culture In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices. Mentorship and Career growth We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional. #Joinstoresappsec BASIC QUALIFICATIONS - BS in Computer Science, Information Security, 3+ years of demonstrated experience of comprehensive application security assessments, including both automated and manual assessment. - Hands on experience in threat modelling, architecture review, manual source code review, attacker exploit techniques, and methods for their remediation. - Have good understanding of network architecture, enterprise IT systems and cloud such as AWS and programming or Scripting skills (E.g: Java, Python, Perl, Bash, Ruby, PowerShell, etc.) and can explain complex technical risks in simple, clear language that non-technical stakeholders can easily understand and act upon. PREFERRED QUALIFICATIONS - You demonstrate excellent judgement in assessing and prioritizing technical risk and You have a strong application security background with a focus on scalable solutions - You have experience building and securing cloud infrastructure such as AWS and work to identify and remove bottlenecks for your teammates, both in process and technology - You create and maintain security documentation, including architecture designs, implementation guides, and best practices to promote secure development practices - Identify security risks and drive continuous improvement in security controls and practices and collaborate with security stakeholders to develop security strategies Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

DESCRIPTION In Amazon Stores, we ship some of the widest arrays of technology found at any company. From amazon.com to world class machine learning pipelines, from Innovative digital healthcare to no-checkout retail, we push the boundaries of technology in every direction using the globe's largest AWS deployment. As an AppSec engineer, you will collaborate with software development teams to ensure we keep our customers safe while developing these novel services. In a given day, you might be inspecting an application's code for security issues, building a new framework to help our software developers build faster and more securely, or fine-tuning the design for a new service alongside its software developers. The ideal candidate combines technical acumen with an ability to lead by influence and communicate clearly. Technically, this person will be a security generalist with one or more areas of deep expertise. In their communication, they will clearly articulate risks to technical and non-technical audiences alike. Interpersonally, successful candidates will effectively harmonize disparate opinions while effectively prioritizing risks to guide their partners towards secure solutions. Our organization prizes its employees, and we show it through investing in work-life harmony. We have dedicated resources that consistently innovate in reducing on-call time and ensuring the team spend their time on the highest-value tasks. Join the stores AppSec organization to work hard, have fun, and make history! Key job responsibilities . Creating, updating, and maintaining threat models for a wide variety of software projects . Security architecture and design guidance . Manual and Automated Secure Code Review, primarily in Java, Python and Javascript . Development of security automation tools . Adversarial security analysis using innovative tools to augment manual effort . Security training and outreach for internal development teams . Independently solve security problems that require novel methods or approaches . Influence your team's and partners process, priorities, and choices to improve outcomes About the team Diverse Experiences Amazon Security values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, don't let it stop you from applying. Why Amazon Security At Amazon, security is central to maintaining customer trust and delivering delightful customer experiences. Our organization is responsible for creating and maintaining a high bar for security across all of Amazon's products and services. We offer talented security professionals the chance to accelerate their careers with opportunities to build experience in a wide variety of areas including cloud, devices, retail, entertainment, healthcare, operations, and physical stores. Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home, there's nothing we can't achieve. Inclusive Team Culture In Amazon Security, it's in our nature to learn and be curious. Ongoing DEI events and learning experiences inspire us to continue learning and to embrace our uniqueness. Addressing the toughest security challenges requires that we seek out and celebrate a diversity of ideas, perspectives, and voices. Mentorship and Career growth We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, training, and other career-advancing resources here to help you develop into a better-rounded professional. #Joinstoresappsec BASIC QUALIFICATIONS - BS in Computer Science, Information Security, 1+ years of demonstrated experience of comprehensive application security assessments, including both automated and manual assessment. - Experience in threat modelling, architecture review, manual source code review, attacker exploit techniques, and methods for their remediation. - Programming or Scripting skills (E.g: Java, Python, Perl, Bash, Ruby, PowerShell, etc.) PREFERRED QUALIFICATIONS - You demonstrate excellent judgement in assessing and prioritizing technical risk - You have a strong application security background with a focus on scalable solutions - You have experience building and securing cloud infrastructure such as AWS - You have understanding of network architecture and enterprise IT systems - You work to identify and remove bottlenecks for your teammates, both in process and technology Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process, including support for the interview or onboarding process, please visit for more information. If the country/region you're applying in isn't listed, please contact your Recruiting Partner.

About NCR VOYIX NCR VOYIX Corporation (NYSE: VYX) is a leading global provider of digital commerce solutions for the retail, restaurant and banking industries. Headquartered in Atlanta, Georgia, with approximately 16,000 employees in 35 countries across the globe, NCR VOYIX has been the global leader in consumer transaction technologies for nearly 140 years. The company focuses on turning everyday consumer interactions into meaningful moments by transforming stores, restaurants, and digital banking experiences through cloud-based, platform-led SaaS and services capabilities. NCR VOYIX is renowned for creating exceptional consumer experiences in partnership with leading retailers, restaurants, and financial institutions worldwide. Leveraging expertise, research and development capabilities, and a unique platform, the company helps customers navigate, simplify, and manage their technology systems effectively. Customers are at the core of NCR VOYIX's mission, which is to enable stores, restaurants, and financial institutions to surpass their goals, ranging from customer satisfaction to revenue growth, operational excellence, cost reduction, and profit growth. By offering solutions that empower customers to thrive in today's competitive landscape, NCR VOYIX brings innovative, industry-leading technology to businesses of all sizes across various industries, earning the trust of renowned global brands as well as local favorites. Job Summary The Asset and Configuration Management Team Manager at NCR VOYIX is responsible for overseeing the company's Asset and Configuration Management processes and the configuration management database (CMDB). Reporting to the ServiceNow Platform executive, the successful candidate will lead the strategy and process development needed to enhance the existing ServiceNow-based CMDB. Working closely with ITSM teams, IT Architecture, and ServiceNow platform stakeholders, the candidate plays a pivotal role in ensuring effective governance, data integrity, and continual service improvement initiatives related to global Asset and Configuration Management processes. Key Responsibilities - Deliver innovative asset management and configuration management solutions to meet evolving business needs, including managing SaaS/cloud assets and services. - Develop and implement governance for Asset and Configuration Management, including standards, policies, and procedures. - Evaluate and suggest improvements to the existing ServiceNow CMDB design, implementation, and management. - Understand the ServiceNow CSDM and its interrelationships with ITSM, Asset Management, APM, and other ServiceNow-related processes. - Define technology and integration requirements for CMDB to support IT Service Management, Asset Management, and other processes. - Ensure accurate and up-to-date CMDB data and establish best practices for updating CI data. - Establish and implement asset and configuration standards, policies, and procedures. - Identify critical success factors, develop process performance metrics, and monitor performance. - Provide coaching and training for CMDB stakeholders and collaborate on service improvement initiatives. - Stay updated on industry innovations and recommend new technologies. Basic Requirements - Bachelor's Degree in an IT-related field or a minimum of 5 years of relevant experience. - Strong understanding of ITSM best practices, with experience in Configuration Management and Asset Management. - Hands-on experience with enterprise Change, Configuration, and Asset Management system tools, preferably within the ServiceNow environment. - Preferred technical knowledge in relevant roles such as CMDB Manager/Analyst, Application Portfolio Manager/Analyst, Change Manager, Network Administrator, Database Administrator, among others. - Experience leading technical discussions and working in complex technical environments. - Strong interpersonal and influencing skills in a global environment. Preferred Requirements - ITIL Foundation certification. - Architecture review and ServiceNow administration experience. - Relational database administration experience. Please note that offers of employment are subject to passing applicable screening criteria. NCR Voyix follows an Equal Employment Opportunity (EEO) policy.,

Role & responsibilities Perform automated testing of running applications and static code (SAST, DAST). Perform manual application penetration tests on one or more of the following to discover and exploit vulnerabilities: web applications, internal applications, APIs, internal and external networks, and mobile applications Experience in one or more of the following a plus: mobile application testing, Web application pen testing, application architecture and business logic analysis. Need to work on application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux. Able to explain IDOR, Second Order SQL Injection, CSRF Vulnerability, Root cause, Remediation Minimum three (3) years of recent experience working with application tools to perform security tests: AppScan, NetsSparker, Acunetix, Checkmarx, Veracode, BurpSuite, OWASP ZAP, Kali Linux, or equivalent. Minimum three (3) years of performing manual penetration testing and code review against web apps, mobile apps, and APIs Minimum three (3) years of working with technical and non-technical audiences in reporting results and lead remediation conversations. Preferred one year of experience in development of web applications and/or APIs. should be able to identify and work with new tools / technologies to plug and play on client projects as needed to solve the problem at hand. One or more major ethical hacking certifications not required but preferred; GWAPT, CREST, OSCP, OSWE, OSWA