Bachelor's degree in Computer Science or related field., Proven experience in application security and risk management., Strong knowledge of security frameworks and best practices., Certifications such as CISSP or CEH are preferred..
Key responsibilities:
Design and implement security measures for applications.
Conduct security assessments and vulnerability testing.
Collaborate with development teams to integrate security into the software development lifecycle.
Provide guidance on security best practices and compliance requirements.
Report This Job
Help us maintain the quality of our job listings. If you find any issues with this job post, please let us know.
Select the reason you're reporting this job:
Since 1993, EPAM Systems, Inc. (NYSE: EPAM) has used its software engineering expertise to become a leading global provider of digital engineering, cloud and AI-enabled transformation services, and a leading business and experience consulting partner for global enterprises and ambitious startups. We address our clients’ transformation challenges by fusing EPAM Continuum’s integrated strategy, experience and technology consulting with our 30+ years of engineering execution to speed our clients’ time to market and drive greater value from their innovations and digital investments.
We make GenAI real with our AI LLM orchestration, testing and engineering solutions, EPAM DIAL, EPAM EliteA™ and EPAM AI/RUN™, respectively.
We deliver globally, but engage locally with our expert teams of consultants, architects, designers and engineers, making the future real for our clients, our partners and our people around the world.
We believe the right solutions are the ones that improve people’s lives and fuel competitive advantage for our clients across diverse industries. Our thinking comes to life in the experiences, products and platforms we design and bring to market.
Added to the S&P 500 and the Forbes Global 2000 in 2021 and recognized by Glassdoor and Newsweek as a Top 100 Best Workplace, our multidisciplinary teams serve customers across six continents. We are proud to be among the top 15 companies in Information Technology Services in the Fortune 1000 and to be recognized as a leader in the IDC MarketScapes for Worldwide Experience Build Services, Worldwide Experience Design Services and Worldwide Software Engineering Services.
Learn more at www.epam.com.
EPAM is looking for an
Application Security Architect
to join the Security practice to work directly with our biggest enterprise customers.
Responsibilities
Lead and coordinate Security Audits across the software development lifecycle: from Architecture, Process, Risk to Testing
Establish secure software development lifecycle (SSDLC) programs
Support software development teams in secure development methodologies, tools, and processes
Train Software Development teams in the areas of secure development
Building Secure Architecture and Design for the projects
Communicate with customers and teams, be able to convey the message about importance of Secure Software development Life Cycle, the ways of establishing it
Cooperate with all sub-teams: BAs, Developers, Qas; build consistent understanding of Security Requirements, main Threats, Mitigations implemented
Be able to communicate and coordinate work with other Security Teams – Cloud Security Engineers, Infrastructure Security Engineers or Penetration Testers
Requirements
Software Development or Security-focused university degree OR equivalent experience
Motivation to develop and grow in the field of Security
Familiarity in one or more Security Development methodologies (e.g. Microsoft SDL, OWASP OpenSAMM, BSIMM, etc.)
Familiarity with Threat Modeling, hands-on experience with one or more Threat Modeling Tools
Understanding of main Security-related activities in development such as Security Requirements gathering, Risk Assessment, Security Code Review
Familiarity with of security threat, their implementation and their classification
Understanding of main security concepts and principles
Understanding of main areas of protection and levels of defense
Nice to have
Familiarity with the one or more cybersecurity tools in the following categories: Static Code Analysis, Penetration Testing, Intrusion Detection/ Prevention
Knowledge of Security Features and Mechanisms provided by at least one OS and development platform/technologies
Understanding of mitigation mechanisms for every type of threats
Familiarity with existing security standards and regulations experience of requirements implementation
Understanding of basic principles of infrastructure security and penetration testing
Experience with cloud security controls and policies
Relevant certifications such as CISSP, CCSP, SANS GIAC or similar qualifications are a considered an advantage
Experience with Cloud Security
We offer
Dynamic, entrepreneurial corporate environment
Diverse multicultural, multi-functional, and multilingual work environment
Opportunities for personal and career growth in a progressive industry
Global scope, international projects
Widespread training and development opportunities
Unlimited access to LinkedIn learning solutions
Competitive salary and various benefits
Advanced wellbeing and CSR programs, recreation area
Do you know someone interested in starting a career in IT? Share our EPAM Campus programs with them, where they can enhance their knowledge in various fields online, free of charge.
EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.