|Technology Specialist- Security Architect|
|Job Location||Detroit, MI, USA|
|Job Length||Six Month to One Year|
|Other Required Skills||
- Bachelors Degree in Computer Science, Management Information
Systems or related discipline required. Master's Degree in related
- A minimum of 5-7 years experience working with core Oracle and
SQL databases, and 5+ years experience in Unix/Linux.
|Other Nice to Have Skills||
- Excellent analytical, organizational, verbal and written
- A high proficiency level in specific job related skills is
- Other related skills and/or abilities may be required to
perform this job.
|Minimum Immigration Status||H1B Visa|
|Job Starting Date||February 3, 2015|
|Wage/Salary||Hourly: Depending On Experience|
The Application Security Architect is responsible for assuring that IT application software and infrastructure are designed, implemented, and operated in accordance with applicable security standards and practices. Primary responsibilities include applications security, risk assessment, validation of security pen test results, problem resolution, system documentation, and system security management and support.
- Good understanding of the architecture and the various web application tier and database tier components: underlying objects, schemas/products, database objects, file system structure, tables, views, packages, procedures, sequences, indexes, and constraints.
- Conduct information security threat analyses on new and changed application development initiatives towards design, review, and incident response planning.
- Provide in-depth assistance with the integration of information security within the application development life cycle.
- Review security requirements at relevant phases for both technical and operational perspective. Reviews remediation activities for completeness.
- Identifying security requirements and recommending appropriate solutions to IT and business problems.
- Review application source code for vulnerabilities, using both manual and automated code scanning techniques aka Whitebox Testing.
- Perform vulnerability scanning and penetration testing at all application tiers using appropriate tools (network scanners, web scanners, database scanners, etc.) aka Blackbox Testing.
- Knowledge of operating systems (Windows, Unix) and common COTS products used to deliver web services, including IIS, Apache, Tomcat, Oracle Application Server, WebSphere, etc.
- Identify and convincingly explain the risks associated with common application vulnerabilities, demonstrate exploitation, and recommend mitigation options.
- Discern, document, and setup standard practices for application security audits.
- Partner with operations, audit, legal, compliance and administration teams to support the information security needs of their projects and ensure that risks are accurately identified and appropriately managed to the enterprise┐s accepted level of risk.
- Participate in developing standards for information technology security practices.
- Identify and evaluate tools and techniques to be used for capture, modeling and analysis of information security architecture.
- Analyze, review, customize and recommend security architectures for internal projects and initiatives.
- Identifies, implements, and monitors best practices for information security architecture.
- Determine and clearly communicate ┐ quantitatively where possible ┐ the information security risks to the application development teams.
- Assure compliance to security policies, standards, and procedures, including HIPPA, SOX, and CMS compliance.
- Monitor and recommend changes in standards that affect application security, especially in the area of privacy and identity theft.
- Initiate and promote activities to foster information security awareness and education among application development.
- Work with Information security peers and manager to assure standards compliance on various platforms (e.g., OSs, databases, networks, etc.) upon which application development group relies for the operation of its applications.
- Identify threats and risks to the confidentiality, integrity and availability of all data residing on information systems platforms.
If you already have your itjobs password, enter it below and your resume will be automatically forwarded to this job.
If do not have an itjobs password, click the button below will let you fill one out and submit it to the job.