IT Security Architect - security architecture and design - W2 ONLY
The Security Architect position is a senior role in the Software Security Assurance team that works closely with IT teams to integrate security throughout the software development lifecycle. The security architect is responsible for assuring design, implementation and operation of products and technologies adheres to applicable security standards and practices. Shape the larger Software Security Assurance program by working with broader governance entities within the organization through continuous improvement of Policies, Standards, Requirements and Guidelines and frameworks.
- Provide expert security architecture advice for programs and projects
- Stay abreast of emerging security issues, practices and patterns and proactively incorporate them into a continuously improving security program
- Devise and develop reference security architectures and frameworks
- Conduct security architecture reviews to reveal design flaws in applications, systems and networks before they are implemented
- Conduct threat modeling and develop abuse cases
- Provide as well as validate the engineering solution
- Conversant with security design patterns
- Work with development teams to provide appropriate and effective remediation guidance for vulnerabilities discovered during various assessments.
- Promote and cultivate a positive security mindset amongst the development community
- Mentor less experienced team members
- Minimum of 10 years of information technology industry experience
- Minimum of 5 years of experience working on security architecture and design
- Bachelor’s degree or equivalent experience
- Understanding of multi-tiered architecture
- Solid understanding of secure network and system design
- Understanding of the Software Development Lifecycle (SDLC)
- Familiarity with common vulnerabilities and attack vectors
- Passion for security
- Information security certifications (GIAC, ISC2, ISACA) preferred.
- 5 years development experience preferred with Java, C#, .NET languages
- Experience performing architecture reviews