Application Security Architect Job Description Template
Our company is looking for an Application Security Architect to join our team.
Responsibilities:
- Strong understanding of common vulnerabilities in web and enterprise applications;
- Advocate and enforce cybersecurity best practices and share insights throughout the organization;
- Requires one of the following certifications: CISSP, CISM, CISA, TOGAF, GIAC, CIPT or equivalent;
- Manage relationships and interactions with human resources, legal, customers, and internal audit departments;
- Experience in using architecture methodologies such as SABSA, Zachman and TOGAF;
- Articulate application security solutions to business partners in a comprehensible manner;
- Engage with security architects to capture design requirements for application architectures and implementation strategies;
- Collaborate with engineers to create and implement standardized practices and follow routine processes to promote secure systems;
- Perform security architecture and design reviews of systems and applications developed;
- Participate in tactical projects as they arise to clarify and respond to identified security risks across different technical domains;
- Participate in on-call rotation for security operations responsibilities, including security incident response;
- Ability to understand business requirements and apply security without adversely affecting the desired functionality;
- Work with various teams to design a security strategy to enhance the security of the current software development lifecycle;
- Other duties as assigned;
- Execute tasks aligned to application security with autonomy.
Requirements:
- Excellent analytical, evaluative, and problem-solving abilities;
- Experience in and commitment to agile software delivery principles and practices;
- Understand different application types and the unique security threats each presents;
- Expertise in mitigating and addressing technology or application threat vectors;
- Familiarity with static code analysis tools and services;
- Bachelor’s Degree in Computer Science or related field – equivalent work experience will be considered;
- Able to travel to any domestic and international location;
- BS or MS Degree in Computer Science or related field;
- Experience with privacy requirements of a global corporation (e.g. GDPR, CCPA);
- Excellent knowledge of Relational Databases, SQL and ORM technologies (JPA2, Hibernate);
- Experience with various cloud providers (GCP/Azure/AWS);
- Hands-on experience in designing and developing applications using Java EE platforms;
- Experience in Spring framework;
- Profound insight into Java and JEE internals (class loading, memory management, transaction management, etc.);
- Experience with Cloud and virtualized technology in environments such as AWS and Azure.