Security Architect (39710)

Are you ready to shape the future of application security? Join the team as a Security Architect and help ensure our applications remain resilient and compliant throughout their lifecycle. You will collaborate with developers, guide external partners, define security standards, and stay ahead of threats. If you bring deep security expertise and a passion for secure development, do not hesitate to contact me.

🚀 Project
- working with various stakeholders across the organization to ensure security of applications throughout their lifecycle, considering industry best practices, regulatory requirements, and organizational needs
- steering external partners on conducting comprehensive security assessments of applications, identifying vulnerabilities, and recommending appropriate remediation strategies
- collaborating with development teams to integrate security controls and measures into the application development process effectively
- defining and enforcing application security policies, standards, and procedures, ensuring compliance with internal and external security requirements
- staying up to date with emerging security threats, vulnerabilities, and industry trends related to application security and assessing their potential impact 
- providing guidance and support to development teams on secure coding practices, secure configuration management, and vulnerability remediation
- acting as a subject matter expert and providing guidance on application security to stakeholders, management, and executives
- supporting any other security architecture topic relevant to project deliverables
- staying abreast of industry standards and frameworks such as OWASP, SANS, and NIST, and incorporating relevant practices into the application security program
- developing and maintaining strong relationships with key vendors and strategic external partners

🎯 Skills
- proven experience as an application security architect or in a similar role, with a focus on application security
- strong knowledge of application security principles, such as secure coding practices, input validation, authentication, access controls, and encryption
- experience with application security standards and frameworks, including OWASP Top Ten, SANS CWE Top 25, and secure software development lifecycle (SDLC) methodologies
- hands-on experience with security testing techniques, including code review, vulnerability scanning, and penetration testing

💡 Nice to have
- knowledge and experience of industry standards such as ISO 27001, CIS Controls, NIST, Cyber Essentials 
- certification or accreditation in Information Security (CSSLP, CISM, CISA, CISSP, etc.,) and/or relevant vendor specific certifications