Job Details

ID #15586286
State Colorado
City Denver
Job type Permanent
Salary USD Depends on Experience Depends on Experience
Source Wipro Ltd.
Showed 2021-06-18
Date 2021-06-16
Deadline 2021-08-15
Category Architect/engineer/CAD
Create resume

Cloud Security-Architect

Colorado, Denver, 80221 Denver USA

Vacancy expired!

Application Security Architect with Threat Modelling

Essential Functions:
  • Engage in the initial requirements definition (including analysis of threats and risks and alignment with Product Development , Engineering, IT and Architecture standards) and providing security recommendations /requirements
  • Conduct and facilitate security reviews, threat modelling including deep design reviews throughout the development lifecycle.
  • Facilitate "table-top"/red-team/scenario analysis exercises in conjunction with other SME's; and plan the resolution of any identified vulnerabilities/issues.
  • Co-ordinate penetration tests and ethical hacking exercises.
  • Pro-actively research and Identify network and system vulnerabilities and provide recommended counter measures or mitigating controls to reduce risk to an acceptable and manageable level.
  • Reviews results of network and application ethical hacks in order to determine severity of findings and to ensure proper remediation is applied.
  • Provide accurate and timely reporting of findings and proposed remediation and mitigations.
  • You’ll be working on enabling/building security to protect the applications from attacks.
  • Automate security tools and processes ensuring innovation and advancement strategies that keep pace in the areas of access control, security-in-depth, secure transaction processing, secure coding practices.
  • Identify and analyse system and application level vulnerabilities to provide recommended counter measures or mitigating controls that reduce risk to an acceptable and manageable level.

Preferred Qualifications:
  • Bachelor degree in Computer Science or related field and 7+ years of experience in related Security Architecture role practices
  • Progressive experience in building secure applications preferably payment platforms, systems that can withstand all types of threats from various threat agents.
  • Deep understanding of current compliance, regulatory and legal requirements relevant to the transaction processing industry such as PCI, HIPPA, SOX, and GLB.
  • Knowledge of administrative, physical and technical controls that could be built around networks, systems and applications to secure them.
  • Expertise on common web and network vulnerability attacks including OWASP Top 10 and SANS Top 25 and respective mitigation strategies.
  • Understanding of cryptographic concepts and applied cryptography (SSL, AES etc.)
  • Proven record of accomplishment in designing security controls for complex web applications with backend services expertise such as API Gateway, Identity and Access Management Services, Data Protection technologies, Security Information Event Management etc.
  • Strong knowledge of deep design review and Secure Development Lifecycle methodologies, Agile based methodologies, middleware platforms, development platforms
  • Knowledge of functional programming languages like GoLang (preferred), Scala, Erlang, Haskell, Clojure, or the ability to learn them quickly
  • Technical experience with security technologies including, but not limited to, intrusion detection/prevention, event correlation, firewall, antivirus, anti-spam, policy enforcement, patch/configuration management, usage monitoring, audit, secure application development, etc.
  • Experience working in 24/7 operational environments
  • Exceptional interpersonal, written, and oral communication skills

Vacancy expired!

Subscribe Report job