Company Overview
With 80,000 customers across 150 countries, UKG is the largest U.S.-based private software company in the world. And we're only getting started. Ready to bring your bold ideas and collaborative mindset to an organization that still has so much more to build and achieve? Read on.
At UKG, you get more than just a job. You get to work with purpose. Our team of U Krewers are on a mission to inspire every organization to become a great place to work through our award-winning HR technology built for all.
Here, we know that you're more than your work. That's why our benefits help you thrive personally and professionally, from wellness programs and tuition reimbursement to U Choose - a customizable expense reimbursement program that can be used for more than 200+ needs that best suit you and your family, from student loan repayment, to childcare, to pet insurance. Our inclusive culture, active and engaged employee resource groups, and caring leaders value every voice and support you in doing the best work of your career. If you're passionate about our purpose - people -then we can't wait to support whatever gives you purpose. We're united by purpose, inspired by you.
Want more jobs like this?
Get jobs in Sofia, Bulgaria delivered to your inbox every week.
About the role
We are looking for a Security Architect (Application Security) to join our team and lead the design and implementation of secure solutions for our cloud-based enterprise applications. You will be a hands-on, technical leader with a passion for security and a deep understanding of complex, multi-tenant systems. You will provide architectural guidance and mentorship to the teams responsible for platform and application development, ensuring that security is built-in from the start and throughout the software development lifecycle. You will also define the product security roadmap, translate business and technical requirements into robust security software solutions, and communicate with senior management and stakeholders on the status and feedback of the security projects. As a Security Architect (Application Security), you will be a key contributor to the overall security posture of our organization and a trusted partner for our customers.
Responsibilities
• Provide architectural leadership and direction to the teams responsible for platform and application development, with a focus on system wide security, data, operational efficiency, serviceability, and supervision of the secure SDLC.
• Develop, implement, and maintain application security standards, policies, procedures, and best practices that align with risk and control processes
• Define the product security roadmap and lead the process of translating business and technical requirements into robust application/product security solutions that ensure customer information assets are adequately protected with acceptable levels of control.
• Review and approve the architecture and design for various application development project projects, and ensure commitments from partners and stakeholders.
• Collaborate with various stakeholders, such as developers, architects, project managers, and business leaders, to ensure the security of applications and systems throughout their lifecycle.
• Provide senior management-level summary status and feedback to business stakeholders and product management on the security projects.
• Conduct research and development on security innovations, tools, and methodologies in information technology services and help define and document internal, technical, and service processes and procedures. Work on proof-of-concepts and projects to improve the application security tool stack.
• Establish an enterprise security stance through definition of policy, architecture, development, training and awareness, aligning business needs with technology and doing so in a manner which ensures that security is built in.
• Provide thought leadership and a clear, consistent architectural vision across the platform, distributed services, and operations.
• Stay up to date with the latest trends and developments in information and cyber security, and pursue relevant certifications and memberships in information security communities.
• Mentor and coach the developers on security best practices, tools, and techniques. Experience in building and leading a volunteer-based application security champions program from grassroots, and scaling it to multiple product teams is desirable.
• Demonstrate excellent communication, collaboration, and leadership skills, and the ability to influence and educate others on application security best practices and standards.
Qualifications
• Bachelor's degree in computer science, Engineering, or related field, or equivalent work experience.
• Minimum 10 years of software development experience with at least 5 years in security architecture, design, development, assessment, testing, and review across multiple domains and platforms.
• Expertise in architecting and reviewing security solutions for complex applications running in a cloud, multi-tenant environment.
• Experience in cloud platforms such as Google Cloud, AWS or Azure and how to leverage their security features and services.
• Experience in designing and developing large scale On-prem and SaaS applications using various programming languages APIs and frameworks.
• Secure development methodologies such as threat modeling, static source code reviews, dynamic application security assessments, penetration testing, and security best practices.
• Experience in implementation of latest standards and technologies in authentication, authorization, auditing, cryptography, PKI, federation, OAuth, MFA, OIDC, and data security at rest, in transit and in use.
• Strong knowledge of security principles, standards, and best practices, such as OWASP, NIST, ISO, etc.
• Experience with security tools and technologies, such as encryption, authentication, authorization, firewalls, web application firewalls, intrusion detection/prevention systems, vulnerability scanning, penetration testing, etc.
• Experience with secure coding practices, such as threat modeling, code review, static and dynamic analysis, etc.
• Experience with agile development methodologies and DevSecOps practices.
• Excellent communication, collaboration, and leadership skills.
• Desirable certifications such as CISSP, CSSLP, CEH, or similar are preferred.
• Experience in vulnerability management tools and programs is desirable.
Benefits
• 25 to 28 days of annual leave
• Medical coverage provided by Bulstrad for you and your dependents
• Life, AD&D, Disability & critical illness coverage provided by DZI
• Meal vouchers provided by Edenred - 150 BGN per month
• Employee Assistance Programs available 24/7
• Global Tuition Reimbursement program - up to 7,125 BGN per year
• Fertility support - up to 13,600 BGN per year
• Adoption assistance
• UKG scholarship program
• Business travel insurance
• U choose program - 475 BGN every quarter to be spent on eligible items
Where we're going
UKG is on the cusp of something truly special. Worldwide, we already hold the #1 market share position for workforce management and the #2 position for human capital management. Tens of millions of frontline workers start and end their days with our software, with billions of shifts managed annually through UKG solutions today. Yet it's our AI-powered product portfolio designed to support customers of all sizes, industries, and geographies that will propel us into an even brighter tomorrow!
UKG is proud to be an equal opportunity employer and is committed to promoting diversity and inclusion in the workplace, including the recruitment process.
Disability Accommodation
For individuals with disabilities that need additional assistance at any point in the application and interview process, please email UKGCareers@ukg.com