IT Security Architect

Security Architect

Job Summary: We are seeking an experienced Security Architect with a strong background in application security, architecture reviews, and security risk assessments. The ideal candidate will have significant experience in securing containerized environments (OpenShift, Podman, and Docker), API Management (preferably with MuleSoft and Traceable), managing open source vulnerabilities with NexusIQ, and implementing Runtime Application Self-Protection (RASP) with Contrast Protect.
Key Responsibilities:

• (Remote - but ideal candidate would be open to onsite engagement once every 1-2 mo.)
• Conduct comprehensive architecture reviews of new software applications to identify security risks, propose mitigation strategies, and ensure alignment with security best practices.
• Perform Security Risk and Assessments (SRA) for critical applications, identifying potential vulnerabilities and recommending enhancements to strengthen security posture.
• Develop and maintain security policies and procedures related to application development and deployment.
• Secure container orchestration platforms such as OpenShift, and manage container runtime environments using Podman and Docker.
• Implement and manage API security solutions, with a preference for experience with MuleSoft and Traceable.
• Oversee the integration and management of open source security using NexusIQ or similar tools to identify and remediate vulnerabilities.
• Install, configure, and maintain Runtime Application Self-Protection (RASP) solutions, specifically Contrast Protect, to provide real-time application security.
• Collaborate with development teams to incorporate security considerations during the software development lifecycle (SDLC).
• Provide security guidance and training to development and operations teams to raise awareness and improve security practices.
• Stay current with emerging security threats, technologies, and regulations to ensure our applications and infrastructure remain secure.

Qualifications:

• Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
• Minimum of 5 years of experience in an application security role, with hands-on experience in security architecture and risk assessments.
• Proven expertise in securing container environments and managing container security.
• Experience with API management and security, especially with MuleSoft and Traceable.
• Proficiency in managing open source security and using tools such as NexusIQ.
• Experience with implementing RASP solutions, preferably Contrast Protect.
• Strong understanding of secure coding practices, ethical hacking, and threat modeling.
• Familiarity with industry standards and frameworks such as OWASP, NIST, and ISO 27001.
• Relevant security certifications (CISSP, CEH, OSCP, etc.) are highly desirable.
• Excellent communication, analytical, and problem-solving skills.

Work Environment:

• Fast-paced and dynamic environment requiring adaptability and continuous learning.

Collaboration with cross-functional teams and stakeholders