|Reference # : ||18-00009
||Title : ||APPLICATION SECURITY ARCHITECT|
|Position Type : ||Direct Placement|
|Experience Level : ||7 Years
||Start Date : ||01/03/2018
| Description |
- Work as the lead to design, implement and govern the overall security architecture of the products.
- Aligning the secure development lifecycle to industry standards, including Microsoft SDL, OWASP development guides and privacy related topics.
- Perform proof-of-concept and proof-of-technology testing for integrating new 3rd party security products into the development and deployment processes.
- Perform threat modeling, design reviews and code reviews as part of the development lifecycle.
- Design and deploy state-of-art technology to meet the business needs and interface with business units regarding technical planning and application security topics.
- Lead the implementation of proposed solutions while interfacing with the product and solution management leaders to ensure the coordination, communication and successful delivery of projects.
- Leading the integration of security engineering automation tools into the CI/CD pipeline, as SAST and IAST.
- Develop and maintain security procedures and guidelines for the products.
- Manage relationships and interactions with human resources, legal, customers and internal audit departments.
- Bachelor's Degree in Computer Science or related field. Equivalent work experience will be considered.
- Software development background of 4 -7 years.
- Security certifications are desirable, e.g. CISSP, CSSLP, CEH etc.
- Advantage - experience with retail, financial, and general payment transaction processing software vulnerabilities.
- Soft skills - effective communication (internal, customer, legal counsel), collaboration (internal, external), effective written skills (white papers, vulnerability specifications etc.), ability to manage itself and push the security initiatives forward.
- Active participation in cybersecurity forums/conventions, e.g. DEFCON, Black Hat. Public speaking is a plus.
Who does this position report to?
Application Security Architect Leader
What are the 3-4 non-negotiable requirements on this position?
Technical but has exec communication skills CISSP Certification Code Review experience Very strong technical background Platform Security experience
What is exciting about this opportunity? Please use this section to describe team and company culture.
This person will be developing a strategic platform, so a lot of elements that need to be reviewed/considered/worked through