Previous Job
Previous
Senior Application Security Architect -Threat Evaluation
Ref No.: 17-10218
Location: St. Louis, Missouri
Position Type:Direct Placement
Start Date: 09/06/2017

Title: Senior Application Security Architect - Threat Evaluation
Location: St. Louis, MO
Type: Full Time/ Direct Hire
Salary: Open DOE


Job Description
The Threat Evaluation (TEV) organization's mission is to identify threats and drive out vulnerabilities across Client (Client). The ideal candidate will have excellent analytical, engineering, communication, and technical skills. This position will be responsible for performing threat modeling exercises in support of the Project Risk Assessment Team. This role is a leadership position, which will create, and implement, and maintain a threat modeling strategy and framework (PASTA, DREAD, etc.).

Responsibilities
·Lead the Threat Modeling program by performing security architecture/application reviews of web and mobile products and applications
·Create security use, misuse and abuse cases for products and applications, to help create test plans to ensure adequate protection against threats
·Define and implement KPIs to effectively measure the program
·Create and execute the strategic roadmap
·Assist project teams in implementing security measures to meet corporate policies and external regulations.
·Mentor other Security Analysts in performing threat modeling and risk assessments
·Provide technical expertise and resolution for Threat Modeling and Risk Assessments

Job Requirements

Demonstrated Experience in multiple of the following areas:
    • Application security and architecture
    • Identity management
    • Static and dynamic code analysis
    • Multifactor Authentication
    • Vulnerability Management
    • Web application firewalls
  • Experience with understanding complex software and system interactions
  • Practical experience of threat modeling applications, services, and infrastructure
  • Demonstrated experience with implementing/assessing risk against company standards
  • Great familiarityIn-depth knowledge of with OWASP Top 10 / Application Security Verification Standard and how to remediate those findings
  • Familiarity with high-level programming languages
  • Keen Demonstrated ability to diagnose and troubleshoot technical issues, excellent problem-solving skills
Experience / Soft Skill Requirements
  • 5+ years' experience as Application Architect/Sr. Developer
  • 3+ years' experience in Information Security
  • Strong program development, program management and leadership skills including experience in developing, documenting and establishing application security programs and best practices.
  • Understanding of application threat modeling and Secure SDLC practices.
  • Excellent written and verbal communication skills required. Must be able to communicate technical details a clear, understandable manner.
  • Generally curious with the ability to pick up new technology or concepts very quickly is required for success
If interested and well qualified, please send a copy of your resume to zachary.avalos@mondo.com.