Match score not available

Application Security Architect (Software and Device)

Remote: 
Full Remote
Contract: 
Work from: 
United States

Offer summary

Qualifications:

Experience with developing application authentication and authorization systems, Understanding of OWASP Top 10 security risks, Familiarity with Microsoft SDL, OWASP SAMM, or BSIMM, Knowledge of enterprise software technologies and cloud platforms.

Key responsabilities:

  • Advise clients on security risks and translate them into business impact
  • Architect security solutions for IT systems to mitigate risks
  • Collaborate with project teams to ensure security requirements are met
  • Stay updated on security technologies and make recommendations for their use
SysLogic, Inc. logo
SysLogic, Inc. Information Technology & Services SME https://www.syslogicinc.com/
51 - 200 Employees
See more SysLogic, Inc. offers

Job description

We are seeking to add an Application Security Architect (Software and Devices) to our growing managed security offering. This individual will utilize a combination of business process analysis, technical process analysis and technical expertise to develop enterprise architectural security deliverables. This analyzes the relationships of the various IT components and business processes to define approaches that provide significant value to our clients by driving appropriate security strategies across these disciplines.

This individual will be working closely with key client decision makers and business leaders as well as varying levels of technologists requiring this individual to have solid communication skills with all levels of an organization. Additionally, this individual would be responsible for developing advanced enterprise security ideas aligned with key industry standards that can guide our security offerings into the future. More about SysLogic


PRIMARY RESPONSIBILITIES:

  • Build strong client relationships and effectively influence staff at all levels of client organizations.
  • Advise senior client management on security risks.
  • Translate security risks to business impact.
  • Consult and facilitate delivery of Information Security strategic goals and initiatives for clients
  • Assists in the evaluation of overall risk for IT systems (including data), accounting for the people, processes, and technologies that provide security controls
  • Architects, prioritizes, coordinates and communicates the choice of security technologies necessary to ensure a highly secure yet usable computing environment
  • Provide security architecture and advice in support of application development, infrastructure, and enterprise technology projects.
  • Coordinate with various project teams to communicate the necessity of security requirements and design constraints.
  • Identify any gaps in existing application security infrastructure to meet project requirements, work with the Client Management to identify and roadmap solutions.
  • Perform code analysis, application security reviews, and develop an application security training program.
  • Stays current with security technologies and make recommendations for use based on business value.
  • Maintains an expert knowledge in the field of Information Security and the related issues, systems, processes, products, and services.
  • Participate in and lead technology discussions with client engineering teams and client management.
  • Provide technical leadership to build consensus among stakeholders around proposed designs.
  • Review technology solution designs to assist the business in meeting their cybersecurity objectives. Ensure solutions and new features are designed and implemented according to established design and cybersecurity standards and practices (and, where necessary, facilitate acceptable tradeoffs).
  • Document technical requirements and technical designs for new solutions and features.
  • Lead Developers in secure application design and patterns.
  • Research new technologies and best practices for approaching and implementing emerging technologies.
  • Coordinate with various project teams to communicate the necessity of security requirements and design constraints.

DESIRED QUALIFCATIONS:

  • Solid experience designing, developing, or customizing application authentication and authorization systems.
  • Understanding of the OWASP Top 10 application security risks and how to address them.
  • Working knowledge of the Microsoft Security Development Lifecycle (SDL), OWASP Software Assurance Maturity Model (SAMM), or Building Security in Maturity Model (BSIMM).
  • Experience with Security Lifecyle Development Assurance (SDLA).
  • Strong working knowledge of enterprise software technologies, application security, and infrastructure.
  • Working knowledge of Microsoft Azure, AWS and/or Google Cloud platform offerings and security related services.
  • Hands on experience with encryption, hashing, secure random number generation, key derivation, key management, digital signatures, etc. in one or more major development languages.
  • Review technology solution designs to assist the business in meeting their cybersecurity objectives. Ensure solutions and new features are designed and implemented according to established design and cybersecurity standards and practices (and, where necessary, facilitate acceptable tradeoffs)
  • Translate security risks to business impact
  • Interest in and ability to stay current with security technologies and make recommendations for use based on business value.
  • Core understanding of web application security scanning software and related penetration testing tools.
  • Substantial history working as a Software Developer, Software Engineer or Application Architect designing and developing solutions within enterprise software or product environments.
  • General knowledge of core security networking concepts like TLS, SSH, DNS, Firewalls etc.
  • Solid understanding of cloud architecture as well as on premise IT landscape.
  • Exposure to security to the device leve

NICE TO HAVES:

  • Design and implementation of embedded system security and IoT connectivity for consumer products.
  • Planning and implementation for connected device security and OTA firmware/software updates.
  • Experience with IoT platforms such as AWS, Azure, and Google Cloud.
  • Applicable certification strongly desired (CISSP, CISSP - ISSAP, CEH etc.) or obtained within 6 months of employment.


#LI-HYRBID #LI-REMOTE

Benefits

  • Health Care Plan (Medical, Dental & Vision)
  • Retirement Plan (401k, IRA)
  • Life Insurance (Basic, Voluntary & AD&D)
  • Paid Time Off (Vacation, Sick & Public Holidays)
  • Family Leave (Maternity, Paternity)
  • Long Term Disability
  • Training & Development
  • Work From Home
  • Free Food & Snacks

Required profile

Experience

Industry :
Information Technology & Services
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Other Skills

  • Verbal Communication Skills
  • Analytical Thinking
  • Open Mindset
  • Leadership

Security Architect Related jobs