Application Security Architect

Application Security Architect

We are looking for a highly skilled Application Security Architect to join our team at Tipalti. This role is pivotal in ensuring the security of our applications from inception to production and beyond. The ideal candidate will have a solid development background that has evolved into security expertise, enabling them to work closely with development teams to implement security best practices and develop protection mechanisms.

Why join Tipalti?

Tipalti is one of the world’s fastest-growing fintech companies. We free finance professionals to lead by modernizing the entire payables operation. We are a well-funded, late-stage start-up backed by high-profile investors. Our 2021 Series F funding round raised $270 million, valuing us at over $8.3 billion. With total funding of just over $550 million, and with more than 5000 global customers, Tipalti is one of the most valuable private fintech companies in the world.

At Tipalti, we pride ourselves on our collaborative culture, the quality of our product and the capabilities of our people. Tipaltians are passionate about the work they do, and keen to get the job done. Tipalti offers competitive benefits, a flexible workplace, career coaching, and an environment where diverse individuals can thrive and make an impact. Our culture ensures everyone checks their egos at the door and stands ready to reach for success together.

Founded in Israel in 2010, Tipalti is a global business headquartered in the San Francisco Bay Area (Foster City) with offices in Tel Aviv, Plano, Toronto, Vancouver, London, Amsterdam and Tbilisi.

In this role, you will be responsible for:

Partner with all Tipalti development teams to establish and govern security practices from the outset of development to production.
Conduct application security assessments, including architecture design reviews and threat modeling.
Act as a security advisor to cross-functional teams, including product, engineering, and others, to support secure software development.
Design, build, and implement advanced application security solutions.
Lead security audits, vulnerability assessments, and code reviews.
Develop and share software security guidelines, including training materials, secure coding checklists, best practices, and reusable code.
Ensure ongoing compliance with security policies and procedures in support of regulatory requirements.
Elevate security awareness across the SSDLC, defining tailored training roadmaps as needed.
Manage and review security issues in products, analyzing severity and risk, and recommending remediation steps.
Establish, manage, and lead a VDP/Bug Bounty program

About you

Minimum of 3 years of security architectural experience, including threat modeling and design reviews of complex products – Must
Experience in SaaS application development (2+ years) – Optional
Development expertise in one of the following: .NET or JavaScript
In-depth knowledge of end-to-end security architectural considerations.
Proven ability to establish and manage security policies, acting as the central security contact for all S-SDLC tasks, challenges, and requirements.
Strong understanding of the OWASP Top 10 application security risks and the ability to address them.
Experience with cloud-native infrastructure architecture (e.g., containers, Kubernetes).
Solid knowledge of Cloud Security Architecture, particularly with AWS and Azure.
Proficient in microservice architecture, web technologies, and APIs.
Excellent communication skills, with the ability to effectively convey information to both technical and non-technical stakeholders, from developers to senior management.
Hands-on experience with at least two application security tools, such as SAST, API Security, DAST, WAF. - Must

Our tech teams are the engine behind our business. Tipalti’s tech ecosystem is extremely rich and we continually add new features to our products, ensuring that we respond to our clients’ needs at scale. Our tech teams retain a fast-paced, start-up vibe that encourages innovation and critical thinking. At Tipalti, you’ll have the opportunity to work with a diverse, global team of engineers, developers and product leaders who are collectively building the future of our best-in-class product suite as we transform financial operations for the future.

#LI-hybrid

Our Mission

Our mission is to elevate how finance teams operate in the global economy. We empower our customers to scale faster and smarter by removing the complexities of doing global business and accelerating their finance operations efficiency. We are the AI-powered platform that automates finance.

Tipalti is fueled by a commitment to our customers and a desire to build lasting connections. Our client portfolio includes high-velocity businesses such as Amazon Twitch, GoDaddy, Roku, WordPress.com, and ZipRecruiter. We work hard for our 99% customer retention rate which is built on trust, reliability and innovation. Tipalti means we handled it" - a mission to which we are constantly committed.

Accommodations
Tipalti champions inclusive teams, in which every voice counts. We are committed to recruiting diverse candidates with varied personal experiences and abilities. We welcome applications from candidates belonging to historically underrepresented or disadvantaged groups, and maintain an equitable Talent Acquisition process that is free from discrimination.

As an equal opportunities employer, Tipalti complies with employment and human rights laws across the various jurisdictions in which we operate. Should you require reasonable adjustments or accommodations during the recruitment process, including access to alternate formats of materials, meeting spaces, or other accommodations that could better enable your full participation, please reach out to hr@tipalti.com for assistance.

Privacy
We are committed to protecting the privacy interests of job applicants and candidates. For more information about our privacy practices during our Talent Acquisition process, please refer to our Job Candidate Privacy Notice below: