Application Security Architect

Company: Rangam Consultants Inc.
Location: Newark
Posted on: June 21, 2022

Job Description:

The Application Security Architect will partner with Enterprise Architects, Engineers, and Developers to develop a deep technical understanding of Client's technology ecosystem.
The incumbent will lead architecture reviews, create threat models, and identify risks.
A successful architect will advise IT, business owners, and technical teams on options to mitigate risk and facilitate data-based decision making.
The candidate must have excellent verbal and written communication skills and must have experience creating reusable documentation.
Major Responsibilities
Review application architecture and recommend security related enhancements
Model attack vectors and recommend security controls to mitigate risk
Capture project and security knowledge and contribute to reference architecture pattern creation
Participate in security technology evaluation
Drive design of application security elements and frameworks
Plan, design, develop, and maintain security technologies, diagrams, processes, and procedures
Develop and implement enterprise-wide and cross-functional integration solutions
Conduct technology reviews to ensure computer systems are built to reference security architecture principles
Help build security into infrastructure and architecture designs and guide implementation with the operations team
Create and deliver knowledge sharing presentations and documentation to security, developers, and operations teams
Education/Experience
Prefer BA/BS degree from an accredited college or university in Information Security, Computer Science, Information Management Systems, or in related field.
6+ years of professional business experience in IT and/or Information Security or a Master's degree in Information Security, Computer Science, Information Management Systems, or in related field with 4 years of professional work experience in IT and/or Information Security.
Requires a minimum of 2 years of experience in application/product security, enterprise security architecture, and/or threat modeling or architecture risk analysis.
CISSP, SANS/GIAC Certifications, AWS Certifications are preferred.
Knowledge
Application security tools such as : HTTP and TCP proxies, fuzzers, scanners, debuggers, simulators, etc.
Common vulnerabilities in the OWASP top 10 list
Familiarity with at least one traditional threat modeling framework, such as STRIDE, DREAD, PASTA, OCTAVE, etc.
Strong familiarity with common web application architectures such as three-tier, microservices, single-page app, etc.
Encryption standards
Authentication and Authorization standards such as Oauth 2.0, OpenID Connect (OIDC), and SAML 2.0

Keywords: Rangam Consultants Inc., Newark , Application Security Architect, Other , Newark, New Jersey