Join CDW and help protect delivery of full stack technology solutions and global services for 250K+ customers-including corporate enterprise, government, education, and healthcare industries. You will be on a team dedicated to collaborative delivery of a new global information security strategy, operating model, and bjectives to accelerate CDW's business goals in a secure way.

Your role at CDW is of the utmost importance to the company's mission, objectives, and reputation. As the Senior Application Security Lead/Architect, you will play a pivotal role in finding weaknesses in CDW's software technology stack to ensure identification and resolution ahead of adversary detection and exploitation. Your responsibilities include three parts:

Key Areas of Responsibilities
Vulnerability Research

• Perform manual hands-on penetration testing and code reviews to identify security weaknesses across a wide variety of technology solutions, including on-premises applications and SaaS platforms.
• Develop new tactics, techniques, and procedures to identify zero day vulnerabilities across CDW's critical crown jewel applications and platforms.
• Create proof of concept code and demonstrations to communicate exposure and exploitation outcomes for various audiences.
• Partner with information security coworkers to ensure appropriate logging and detections are in place to identify newly identified offensive security tactics and techniques.
• Mentor junior security architects and penetration testers-ensuring alignment on methodology and tradecraft.

Architecture Advisory

• Participate in CDW's global Secure Software Development Life Cycle (S-SDLC) program-providing advisory on secure code and architecture patterns to ensure consistent, repeatable, and scalable security across common application, API, and platform use cases.

Responsible Disclosure

• Produce detailed technical reports, public blog posts, and articles-boosting CDW's industry reputation while enhancing your brand.
• Follow common practices to responsibly disclose zero day vulnerabilities impacting vendor products.

Education and/or Experience Qualifications

• Bachelor's Degree
• 10 Years of experience Information Security

Required Qualifications

Who you are:

• You thrive on making an impact-for your team, your company, and the industry
• You are extremely hands-on with a passion for technology
• You do not accept the status-quo, and always strive to improve
• You are eager to learn and seek professional development continuously
• You are resourceful, open-minded, analytical and enjoy solving complex problems
• You are diligent and self-motivated

What we are looking for:

• We value experience, skills, drive, aptitude, and attitude over university degrees and certifications
• Demonstrated track record of vulnerability exploitation across various technology stacks
• Ability to threat model to identify design flaws and security control gaps
• Demonstrated experience in secure software engineering practices-including authentication, authorization, API, and application security