Our Client, a well-known company in Central NJ, is seeking a Sr. Application Security Architect.
We cannot work C2C on this opportunity.
Reporting to the AVP and Head of Security Architecture, this role is responsible for evaluating and designing The Client’s Cyber Security Technologies in the Application Security Domain. Where applicable, these solutions will be implemented and transitioned to the Security Services team.
A key role within the organization, the app sec architect is responsible:
- For defining and building responsive application security strategies that provide the ability to adapt to changing business and organization needs.
- To design and develop standards, blueprints, and patterns in the App Sec domain that can be leveraged by other architecture teams to develop solution design and architectural runways.
- To work cross-functionally in a matrixed environment and collaborate closely with other architects, engineers, and developers across the organization to ensure achievement of target objectives, which is essential for success in this role.
• Minimum 10 years of experience in Cyber Security practices.
• Minimum 7 years of security architecture knowledge and experience
• Minimum 5 years of experience managing small to medium size teams
• Experience with Amazon Web Services, Google Compute Cloud and Microsoft Azure
• Understanding of the OWASP Top 10 application security risks and how to address them
• Experience with Application Security testing (Dynamic and static testing), and vulnerability testing practices in CI/CD pipelines
• Experience with Security Architecture and Threat Modeling
• Familiarity with security industry standards (ISO 17799, NIST 800 series, etc.) and best practices
• CISSP, CCNP, MCSE, MCITP-EA, CEH, CCSA certification preferred
In-depth and thorough knowledge of:
• Security Standards and concepts
• Identity and Access Management Systems (MFA, SSO, Reverse Proxies, PAM)
• API Security
• Container Security
• Native Mobile App security
• Web Application Firewalls / Run-Time Application Firewalls
• SAFe Agile framework
- Provide architectural and best practices leadership related to the implementation of Cybersecurity controls in AppSec, DevSecOps, and Identity and Access management (IAM) domains
- Research information on new, emerging technologies and methods in the security space and develop comprehensive security strategies for APIs, Open Source Software governance, CI/CD platforms, and IAM domains
- Work with various technology vendors to develop appropriate solutions, exploring various deployment options such as cloud computing delivery models (IaaS, PaaS, and SaaS) and deployment models related to Public, Private and Hybrid Cloud service.
- Strong understanding of and hands-on experience with Amazon Web Services, Google Compute Cloud and Microsoft Azure.
- Recommend security controls, plans for remediation, and evaluate inherent security characteristics of the technology and architectures used to protect the High Value Asset and its interconnected systems
- Work closely with Business and solution architects to ensure documented prescriptive blueprints and security best practices are followed and enforced during app design and implementation
- Strong understanding of and hands-on experience in API security, including implementing modern open security standards for token-based authentication using OAuth, OIDC, and Strong AuthN, which are used extensively across the enterprise
- Evaluate emerging security tools and technologies that align to the vision and strategic goals and objectives of the Security organization
- Excellent written and verbal communications; effective interpersonal skills; strong formal presentation abilities.
- Provide timely reporting into executive management on team deliverables and other updates
- Communicate security risks and solutions to executive management, business partners and IT staff