Previous Job
Previous
Application Security Architect - Digital Banking
Ref No.: 18-11284
Location: Atlanta, Georgia
Application Security Architect - Digital Banking
Atlanta, GA
Direct Hire


Responsibilities

Work as the lead to design, implement and govern the overall security architecture of the digital banking products.
Aligning the secure development lifecycle to industry standards, including Microsoft SDL, OWASP development guides and PII/GDPR related topics.
Perform proof-of-concept and proof-of-technology testing for integrating new 3rd party security products into the development and deployment processes.
Perform threat modeling, design reviews and code reviews as part of the development lifecycle.
Design and deploy state-of-art technology to meet the business needs and interface with business units regarding technical planning and application security topics.
Lead the implementation of proposed solutions while interfacing with the Project Management Office (PMO) to ensure the coordination, communication and successful delivery of projects.
Leading the integration of security engineering automation tools, as SAST, IAST, Software Composition Analysis, and Container Security.
Develop and maintain security procedures and guidelines for the products.
Manage relationships and interactions with human resources, legal, customers and internal audit departments.


Qualifications:
Requirements

Bachelor's Degree in Computer Science or related field. Equivalent work experience will be considered.
Software development background of 4 -7 years.
Security certifications are desirable, e.g. CISSP, CSSLP, CEH etc.
Retail, financial, healthcare payment transaction processing software security testing experience (not only running automatic tools, but actually executing manual testing).
Experience with providing application security for financial institutions, including familiarity with FFIEC regulatory requirements.
Soft skills - effective communication (internal, customer, legal counsel), collaboration (internal, external) and effective written skills (white papers, vulnerability specifications etc.).
Active participation in cybersecurity forums/conventions, e.g. DEFCON, Black Hat. Public speaking is a plus.