Job Description: • 2-minute read •
Fidelity Enterprise Cybersecurity is seeking a highly skilled Director, Application Security Architect to assume primary responsibility for the development and implementation of security architecture for complex infrastructure and applications in a challenging and exciting business environment. You will work directly with the product management and engineering teams to develop solutions to critical projects and provide strategic roadmaps and guidance to both partner teams within ECS as well as for our business units and Enterprise Infrastructure.
Primary Responsibilities
Partner with Application Security team on evolution of the SDLC security program for in-house developed and commercial off-the-shelf software focusing on standard services, processes & tools
Keep abreast of application security trends and the emerging threat landscape and actively engage with vendors, understanding architecture roadmaps, technology direction, and investment to improve security capabilities and deliver cost effective solutions
Drive adoption of enterprise standards (reference architectures) and best practices, and promote changes in process, standards, or technologies when necessary.
Develop and produce high quality documentation for strategic security architecture vision, including blueprints, standards and frameworks that are aligned with overall business strategy
Participate in solution architecture design, lead security efforts assisting with the integration and initial implementation of solutions (PoC’s)
Serve as information security subject matter expert, provide advisory and consulting services as required
Qualifications
Experience and Skills
Deep knowledge in SDLC methodology:
Static code analysis
Dynamic application testing
Penetration Testing/Ethical Hacking
Threat Modeling & Red Team assessment
Experience with web app languages and platforms (e.g. WS02, JAVA/J2EE, SOA, Node.js, REST) and knowledge of APIs standards (SOAP, REST) for application and system integration
Deep understanding of application security frameworks, disciplines and practices; experience with secure application development and application security risk mitigation techniques; Proficiency with Agile, Continuous Integration/Development, DevOps
Deep technical understanding of and experience with security technologies including, but not limited to, Identity and Access Management, network security (e.g. firewall, IDS/IPS), audit and monitoring, cryptography, key management, event correlation, end-point client security (fixed and mobile), secure application development, etc…
Working knowledge and experience with "Cloud Architectures" (e.g., SaaS, PaaS, IaaS) and the ability to address the unique security considerations of secure Cloud computing (e.g. integrating IAM with Enterprise services, Secure-SDLC. Data Protection - cryptography, key management)
Experience with IT infrastructure including servers, hypervisors, operating systems, databases, and middleware. Experience with cloud orchestration solutions such as open source components (e.g. OpenStack, CloudStack) and cloud services providers such as AWS, Rackspace and MS Azure.
Pass it on for Referral Bonus. Not the right role for you, but know someone we should meet? Share with him to earn $1,000 referral bonus.
Fidelity Enterprise Cybersecurity is seeking a highly skilled Director, Application Security Architect to assume primary responsibility for the development and implementation of security architecture for complex infrastructure and applications in a challenging and exciting business environment. You will work directly with the product management and engineering teams to develop solutions to critical projects and provide strategic roadmaps and guidance to both partner teams within ECS as well as for our business units and Enterprise Infrastructure.
Partner with Application Security team on evolution of the SDLC security program for in-house developed and commercial off-the-shelf software focusing on standard services, processes & tools
Keep abreast of application security trends and the emerging threat landscape and actively engage with vendors, understanding architecture roadmaps, technology direction, and investment to improve security capabilities and deliver cost effective solutions
Drive adoption of enterprise standards (reference architectures) and best practices, and promote changes in process, standards, or technologies when necessary.
Develop and produce high quality documentation for strategic security architecture vision, including blueprints, standards and frameworks that are aligned with overall business strategy
Participate in solution architecture design, lead security efforts assisting with the integration and initial implementation of solutions (PoC’s)
Serve as information security subject matter expert, provide advisory and consulting services as required
Qualifications
Experience and Skills
Deep knowledge in SDLC methodology:
Static code analysis
Dynamic application testing
Penetration Testing/Ethical Hacking
Threat Modeling & Red Team assessment
Experience with web app languages and platforms (e.g. WS02, JAVA/J2EE, SOA, Node.js, REST) and knowledge of APIs standards (SOAP, REST) for application and system integration
Deep understanding of application security frameworks, disciplines and practices; experience with secure application development and application security risk mitigation techniques; Proficiency with Agile, Continuous Integration/Development, DevOps
Deep technical understanding of and experience with security technologies including, but not limited to, Identity and Access Management, network security (e.g. firewall, IDS/IPS), audit and monitoring, cryptography, key management, event correlation, end-point client security (fixed and mobile), secure application development, etc…
Working knowledge and experience with "Cloud Architectures" (e.g., SaaS, PaaS, IaaS) and the ability to address the unique security considerations of secure Cloud computing (e.g. integrating IAM with Enterprise services, Secure-SDLC. Data Protection - cryptography, key management)
Experience with IT infrastructure including servers, hypervisors, operating systems, databases, and middleware. Experience with cloud orchestration solutions such as open source components (e.g. OpenStack, CloudStack) and cloud services providers such as AWS, Rackspace and MS Azure.
Pass it on for Referral Bonus. Not the right role for you, but know someone we should meet? Share with him to earn $1,000 referral bonus.
Posts
