Overview
We are seeking a highly skilled Product Security Architect to design, implement, and enhance the security architecture of our applications and services. The ideal candidate will have deep expertise in Java, Spring Boot, and Spring Security, along with OAuth2 authentication and authorization mechanisms using Cognito and Keycloak. Experience with Kafka for event-driven architecture and PostgreSQL for database security is essential
This role requires a proactive security mindset, strong problem-solving skills, and a deep understanding of secure software development practices. You will work closely with engineering teams, DevOps, and security teams to ensure robust security measures across the software development lifecycle
Responsibilities
Key Responsibilities
1. Define and implement secure application architecture for microservices and APIs
2. Design and enforce security best practices using Spring Security and OAuth2 (Cognito, Keycloak)
3. Ensure compliance with OWASP, NIST, GDPR, and other security frameworks
4. Implement and manage OAuth2 and OpenID Connect (OIDC) for authentication and authorization
5. Integrate and configure AWS Cognito and Keycloak for identity and access management
6. Develop and enforce secure coding practices in Java and Spring Boot applications
7. Implement data encryption, secure API gateways, and token management
8. Collaborate with engineering teams to conduct security code reviews and threat modeling
9. Ensure Kafka security (authentication, authorization, and encryption)
10. Implement PostgreSQL security best practices, including encryption, access controls, and monitoring
11. Secure inter-service communication using mTLS, JWT, and OAuth2 tokens
12. Implement logging, monitoring, and anomaly detection for security events
Qualifications
Required Qualifications and Skills
13. Bachelor’s degree in Cybersecurity, Computer Science, or related field (or equivalent experience)
14. Strong programming skills in Java, Spring Boot, Spring Security
15. Hands-on experience with OAuth2, OIDC, Cognito, and Keycloak for authentication and authorization
16. Experience securing Kafka-based event-driven architectures
17. Proficiency in PostgreSQL security mechanisms (encryption, auditing, access control)
18. Knowledge of microservices security, API security (JWT, OAuth2), and secure RESTful APIs
19. Strong understanding of network security, IAM, and DevSecOps best practices
20. Experience with threat modeling, penetration testing, and vulnerability management
21. Familiarity with compliance frameworks (GDPR, SOC2, HIPAA, etc.)
If you are interested in constantly learning and being challenged on a daily basis, we encourage you to submit your resume or CV.
Werfen appreciates and values diversity. We are an Equal Opportunity/Affirmative Action Employer