Job Seekers, please send resumes to resumes@hireitpeople.com
Int. type - Either Webcam or In Person.
Short Description: Applications Security Architect with the primary responsibility of defining security practices and guidelines for application development teams, ensuring security awareness of policies and coaching/training application development teams on security.
Complete Description:
Years of Experience:
• Minimum 10 years of experience directly in Information Technology
• 5-10 years of experience in Application Development
• Minimum 5 years of experience directly related to Information Security
Education:
• Bachelor’s degree in Computer Science, Information Technology, Engineering or a related technical field
• CISSP certification or equivalent required
Responsibilities:
• Expert in the various facets of application security and key contributor to the Application Security Program
• Defines the application security guidelines and standards in alignment with security policies.
• Provide security architecture guidance and best practices in support of application development.
• Training and coaching application teams on secure coding practices and the usage of security tools.
• Aligns application security needs to existing enterprise services
• Ensures security is embedded into the overall architecture and system design
• Ensures the appropriate level of architecture and design artifacts are developed
• Verifies security compliance via testing methodologies, scripts and testing
• Assists in the creation of System Security Plans
Experience:
• Practical experience in the Information Security Architecture field, with emphasis on application security architecture and authorization approaches.
• Proven experience, especially in Identity Access Management Solutions
• Strong understanding of security architecture best practices, standards and frameworks.
• Experience in cloud and application-level security architecture.
• Advanced knowledge of web architectures, web applications, APIs, mobile applications, desktop applications
• Detailed knowledge of web, mobile, and client application security vulnerabilities, attack methods, and countermeasures
• Experience with a broad range of attack classes
• Experience securing platform web APIs
• Experience leading code reviews, penetration tests, or similar projects
• Proven experience with relational database management systems, specifically Oracle 10.1 and above
• Expertise in Security Protocols such as IPSEC, SSL/TLS, SAML2.0
• Expertise in Internet Protocols such as IP, TCP, UDP, DNS, HTTP/S
• Software development and system-level programming C, C++, Java or equivalent
• Strong communication (written/verbal) and collaboration skills
• In depth understanding of NIST 800-53 and security controls
• Understanding of industry regulations (HITECH/HIPAA, PCI, CJIC, IRS, etc.)
• Experience working in large, complex IT organizations
Skill | Required / Desired | Amount | of Experience |
Identity and Access Management (IAM) | Required | 1 | Years |
Database Security | Required | 1 | Years |
Information Technology | Required | 10 | Years |
IT Security | Required | 5 | Years |
Application Development | Required | 5 | Years |
Security Protocols | Required | 2 | Years |
Internet Protocols | Required | 2 | Years |
Understanding of industry regulations (HITECH/HIPAA, PCI, CJIC, IRS, etc.) | Highly desired | 2 | Years |
NIST 800-53 and security controls | Required | 2 | Years |
Cloud Security | Highly desired | 1 | Years |
Application Scanning and Penetration Testing Tools | Required | 2 | Years |
Secure Coding Practices & Code Reviews | Required | 2 | Years |
CISSP certification or equivalent | Required | 1 | Years |