Job Specifications
Title: Application Security Engineer/Systems Architect
Location: Charlotte, NC or Irving,TX or Jersey City,NJ -hybrid
Duration: 12-month contract
Here are the notes from the hiring manager:
I need someone to build application threat models.
I need someone with classic enterprise systems understanding - specifically, the foundational knowledge of how to architect, connect, and operate core business applications (e.g., connecting an app server to a database, handling networking, middleware, and operational dependencies).
Because this is contract-to-hire, I need someone who can evolve long term with Application Security. Thus, I need a systems builder with a security mindset who can:
• deconstruct the architecture of large traditional enterprise systems.
• read and write Python; and read Java and C#
• build tooling
• integrate APIs
• use Copilot
• automate painful AppSec processes
• embed security logic inside pipelines and microservices
• use AI agents for analysis and code review
• operate in application security platform engineering
What you need to be looking for is a developer who moved into security, not a security person who dabbles in development.
Required Qualifications:
4+ years of Systems Architecture and/or Systems Development experience
3+ years of Cybersecurity experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education, Cybersecurity certifications.
1+ years of engineering experience with Azure, GCP, or AWS.
1+ years of experience in Python programming.
Proficient in at least one Threat Modeling methodology, such as STRIDE, PASTA, OCTAVE, LINDDUN, or VAST
Experience using Threat Modeler, Microsoft Threat Modeling tool, or OWASP Threat Dragon to develop threat models
Understanding of OWASP Top 10, CAPEC, MITRE ATT&CK and Secure Design principles
The ability to juggle multiple threat models actively in the work-in-progress state, working with a sense of urgency, delivering with short cycle times and a high throughput without sacrificing quality.
Strong collaboration and communication skills, and the ability to work effectively with cross-functional teams.
Desired Qualifications:
Security and cloud certifications, such as CISSP, CCSP and Azure, GCP, or AWS cloud certifications.
3+ years leading Architecture Risk Reviews and building threat models
1+ years of experience Threat Modeling GenAI.
1+ years of experience leveraging Threat modeling-as-a-Code (TaaC)
--
Vilayath Khan
Manager-TA
Vilayath.k@clevanoollc.com
About the Company
At Clevanoo LLC, we believe that great companies are built with great talent — and we make it our mission to connect them. Based in Frisco, TX, we’re a nimble, results-driven staffing partner that specializes in helping organizations scale quickly with vetted, high-caliber professionals across software development, infrastructure, data & analytics, and other critical tech disciplines. From contract and contract-to-hire engagements to direct placements, we take care of the sourcing, screening and matching so your team can foc...
Know more