Tuesday, 23 October 2018

Need: APPLICATION SECURITY ARCHITECT (Louisville, KY)

Hello,

 

Greetings!!

 

This is Sathish Kumar from ITTStar Consulting, LLC; we are looking for APPLICATION SECURITY ARCHITECT For the below mentioned job description. Kindly forward the resume, rate and contact details for further process.

 

I also kindly request you to forward this opportunity to your friends or colleagues; so that we can help someone who may be in search of a job or looking for a change.

 

The Application Security Architect will provide leadership within ITQA on matters relating to Application Security and will be responsible for the definition of the security architectures to be implemented. This is a role focused on people, process and necessary tools to support Secure SDLC for Client's fast-paced application development environment and technology operations.  The role requires a grasp of application security principles and practices and a background working in an application development and coding environment within a large enterprise business. 

 

Job Title

APPLICATION SECURITY ARCHITECT

Job Type

C2C

Job Location

Louisville, KY

Project Duration

12+ Months

Interview Mode

Video Interview – Skype/Go to Meeting

Rate

Open

Job Description

  1. Build a very close working relationship with DevOps, application development and QA teams.
  2. Determine security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments
  3. Maintain documentation related to Application Security including the development of secure coding policies, procedures and standards, modification of the Software Development Life Cycle (SDLC) to include necessary security checkpoints, code review methodologies, etc.
  4. Designing system and security controls
  5. Creating security policies and standards
  6. Researching new security technologies and their application to the corporate environment
  7. Ensuring all acquired or developed systems are consistent with the corporate security architecture guidelines
  8. Defining and documenting how the implementation of a new system or interface impacts the security posture of the current environment
  9. Planning system implementation to ensure that all system components are integrated and aligned
  10. Documenting and addressing the organization's information security, architecture and systems security engineering requirements throughout the development lifecycle
  11. Performing security reviews, identifying gaps in security architecture and design

REQUIREMENTS:

  1. Application development / software development experience, understanding of security protocols and APIs
  2. Understanding of application threat modelling and SDLC security practices
  3. Curious, inquisitive, lifelong learner and self-starter
  4. Documentation skills in writing application security policies, procedures and standards
  5. Experience with agile software development methods
  6. Clear on responsibilities yet flexible and willing to self-direct during times of ambiguity

THE IDEAL CANDIDATE WILL HAVE THE FOLLOWING:

  1. Minimum of 3+ years in the following security functional areas: application security, authentication and authorization, identity and access management, dynamic application security testing, static application security testing, data security, security monitoring or SSO/2FA security, vulnerability management.
  2. An information security related certification such as CISSP, CISA or GIAC
  3. Experience in Linux, Windows, Cloud Platforms (AWS, Azure)
  4. Experience in evaluating, designing and implementing security solutions
  5. Familiarity with dynamic web application vulnerability scanning tools
  6. Familiarity with static code analysis tools
  7. Familiarity with high level programming languages
  8. Experience with Web Application Firewalls, Runtime Application Self-Protection (RASP), Reverse Proxies, and security assessment tools/methodology (network, systems, and application)
  9. Solid knowledge and understanding of securing all major web server environments and cloud platforms based on OWASP top ten recommendation

 Regards,
Sathish Kumar
ITTSTAR Consulting, LLC. | WWW.ITTSTAR.COM
11175 Cicero Drive, Suite 100, Alpharetta GA - 30022
D: (404) 666-1521 | O: (678) 648-6681
E: sathish@ittstar.com

No comments:

Post a Comment