March 15, 2019
Application Security Architect
About The Opportunity
Application Security Architect reporting into the DTMB\'s Michigan department. Responsible for the application security practices, guidelines and serve as application scanning subject matter expert.
- Application Security Architect reporting into the DTMB\'s Michigan department. Responsible for the application security practices, guidelines and serve as application scanning subject matter expert. Years of Experience
- 7+ years of experience in security architecture
- 10+ years of experience in information security (engineering, analyst, incident response)
- 10+ years of experience working with computer systems
- 10+ years of experience working with application architecture and application development
- 10+ years of experience working with network software and hardware, data or voice as well as experience with open and proprietary software and hardware
- Establish the target security/infrastructure architecture for security platforms (specific to applications/systems security)
- Acts as consultant and subject matter expert to leadership and project sponsor in defining the vision, objective and scope of major security related work projects and programs.
- Consults with project delivery teams and solution providers to implement security architecture frameworks and solutions.
- Consults and researches with vendor product specialists/sales, independent research organizations, on-site support engineers and fellow architects and administrators on best-fit technologies and also ensure compliance to department policies & standards and technology roadmap.
- Coordinate with Enterprise Architecture team for technology validation or suggestions for alternative solutions. If necessary, initiate Solution Assessments, Infrastructure Service Requests, and any applicable required documentation to implement the new technology.
- Advocates the use of emerging cyber security best practices, technologies, developing standards and procedures, promoting the usage of automated tools, developing strategies, and aligning practices with strategic initiatives.
- Authors requirements, including definition of dependencies on infrastructure consolidation efforts.
- Authors design related artifacts (Functional Design, System Design, Security Architecture)
- Produce architectural framework documents i.e., white papers, guidance documents, best practices, technical reports, etc.
- Performs security architecture and general security reviews for new infrastructure and system implementations
- Define Security/Information Assurance requirements (and dependencies).
- Specify key architectural aspects of the architecture view and identify other aspects that need definition.
- Project contributor representing security and participates in project plan development
- Provides project estimates based on past experience with security implementation-based projects and programs
- Leverage broad-based understanding of technology areas and end-to-end knowledge of current installations to craft architectural solutions or standards that can be applied across the enterprise.
- Operate within the context of the State of Michigan – State Unified IT Environment (SUITE) process methodology.
- Provide strategic and architectural support for cyber Security as a Subject Matter Expert.
- Provide support and subject matter expertise with respect to adherence to security controls (e.g. NIST 800, CIS, and related)
- Provide support and subject matter expertise with respect to adherence to Enterprise Architecture Frameworks (e.g. TOGAF or related)
- Experience in an enterprise level technology environment with a mature security department. Required 10 Years
- Demonstrates practical experience in application security Required 5 Years
- Practical experience consulting with project teams and solution providers Required 8 Years
- Demonstrates practical experience and in-depth knowledge of security controls (e.g. NIST and CIS Top 20 and related) Required 5 Years
- Demonstrates practical experience in Enterprise Architecture Frameworks such as TOGAF or related Required 5 Years
- Demonstrates practical experience in Open Web Application Security Project (OWASP) Required 5 Years
- Demonstrates practical experience and in-depth knowledge in Static and Dynamic Application Security Testing (using scanning tool such as IBM AppScan Required 5 Years
- Demonstrates practical experience in Identity and access management (IAM) Required 5 Years
- Demonstrates practical experience and in-depth knowledge with Application Security or Development (.Net, Java, Apex, PHP, Node.js, Ruby on Rails) Required 10 Years
- Experience working with current and emerging development methodologies (Waterfall, Agile, Extreme Programming and related) Required 10 Years
- Bachelors Degree in Computer Science, Information Systems or Engineering Required 4 Years
- Demonstrates practical, recent experience and in-depth knowledge of DevOps Required 5 Years
- Demonstrates practical experience with authentication/access control technologies (MS Active Directory, LDAP, SAML, Forms-based authentication, etc.). Required 5 Years
- Demonstrates practical experience and in-depth knowledge of security frameworks (e.g. ISO27001) Highly desired 5 Years
- Demonstrates practical experience and in-depth knowledge of regulatory security controls (e.g. PCI, HIPAA, CJIS, FISMA) Desired 5 Years
11 + Months
Please Contact me to discuss the hiring process!
Sr. Executive Recruiter
Contact: (310) 929-8421 Ext: 107
Hi! My name is Sushil Singh. Helping consultants with getting their desired job is what makes me feel alive. I build a unique relationship with each of my consultants and work on their profile as per their needs. I believe that my consultants are my assets and this motivates me to serve them in an even better manner. Hence, I work towards the success of every consultant I work with.