Please enable JavaScript.  This webapp requires JavaScript to work at its best.

Application Security Architect

Applications for this role are now closed. View similar roles here.
The details

Posted:

Security Architect / Application security Architect - Kubernetes, Salesforce, Force.com, Cloud, , IaaS, PaaS, SaaS, Security, CISSP, ISSAP, CREST

 
Key Responsibilities / Accountabilities
 

  • Providing security design services for application development teams and project delivery teams
  • Advising key stakeholders on application security features during requirements, design and development stages,  secure design and development best practice for application development teams and providing SME-level application security consultancy and best practice advise for enterprise application development and technology solution delivery teams
  • Enabling and improving the security of application solutions developed within the Group working with application development and project teams, Group CISO, IT security team and business stakeholders
  • Consulting with relevant stakeholders to understand the risk profile of proposed solutions in line with business requirements for storage and processing and ensuring appropriate security design considerations during evaluation, selection, installation, development, and configuration of solutions
  • Identify architectural and other security risks associated with applications and composite solution, recommend, and ensure implementation of appropriate risk mitigations and compensating controls where necessary

 
 
Skills and abilities needed to perform role
 

  • Strong overall solution analysis and design skills with strong business and commercial acumen and good understanding of SEI ATAM (Architecture Trade-off Analysis Method) and ability to apply trade-off analysis in practice (balancing risks, costs, quality, time)
  • Strong full-SDLC experience secure SDLC skills and practical experience of Software Assurance Maturity Model (SAMM) and OWASP best practice in software development and composite solution development teams
  • Strong overall technical, infrastructure, cloud and security architecture skills including good understanding and awareness of IT service management (e.g. ITIL) and IT governance (e.g. CoBIT) frameworks

 
 
Knowledge and Experience
 
 

  • Minimum of 3 years of experience in software development roles
  • 10+ years of industry experience in security architecture roles
  • Minimum of 5 years of secure design experience, with focus on security design for cloud deployed applications (public, private, IaaS, PaaS and SaaS)
  • Minimum of 3 years of experience with security design for multi-cloud, micro-services architectures including experience of security design for global, multi-regulatory compliant applications
  • Application security architecture knowledge of Salesforce and/or 3rd party Salesforce application (on Force.com)
  • CISSP-ISSAP (Information Systems Security Architecture Professional) and/or
  • Either CREST Registered Technical Security Architecture (CRTSA) certification (or evidence of training or self-learning comparable to CRTSA or equivalent certification) or GIAC Defensible Security Architecture (GDSA) certification (or evidence of training or self-learning comparable to GDSA or equivalent certification)
  • Salesforce System Architect certification for Identity and Access Management and Sharing and Visibility designer certification) and/or Microsoft Certified Azure Security Engineer Associate certification (or evidence of training or self-learning comparable to CRTSA or equivalent certification)
Applications Closed