POSITION TITLE: Application Security Architect
DEPARTMENT: EAG - ITSD
DIVISION: Information Technology
FLSA STATUS: Exempt
UNION OR NON-UNION: Non-Union
REPORTS TO: Director of Enterprise Architecture
JOB BAND: D
The Application Security Architect is a leadership position responsible for application security in enterprise, web and mobile applications. This position is highly focused on the security domain and involves assessing the current security setup and defining and implementing the strategic security architecture covering end-to-end security of all applications.
As part of the Enterprise Architecture Group, this position will have the following primary responsibilities:
- Define the application security program for governing internal and external applications and services, define the roadmap and oversee implementation.
- Define standards and guidelines for the various development teams that incorporate security as part of the development life cycle.
- Validate and certify applications for functional and non-functional security requirements.
Some of the specific activities for this role include:
- Establish a standard set of functional and non-functional security requirements for enterprise applications.
- Secure applications by defining and implementing an internal/external security framework.
- Define the enterprise authentication framework and strategy for extending SSO using OpenID and other standards.
- Define the enterprise entitlement framework and implement authorization for internal and external users.
- Define application development standards with a specific focus on security; coach and mentor the development team on the concepts and help with implementation.
- Collaborate closely with the Infrastructure security team to implement network and server level security.
- Perform manual and automated scans for vulnerabilities and provide security solutions to harden the applications against such vulnerabilities.
- Bachelor’s in Computer Science or related field or comparable industry experience required.
- 10+ years of overall IT application & implementation experience.
- 3+ years of experience as a security architect, with experience in two or more of the following areas:
o Authentication, authorization and SSO frameworks for web applications
o Vulnerability assessment for web applications and experience with automated scan tools
o Experience with industry specifications around vulnerability and threat management
- 7+ years of hands-on application development and implementation experience in IT with a specific focus on developing web applications.
- Excellent communication skills with proven ability to interact and negotiate with upper management.
- Ability to mentor/guide development team.
- Excellent interpersonal skills in areas such as teamwork, facilitation and negotiation
- Strong leadership skills
- Excellent planning and organizational skills
- Ability to understand the long-term ("big picture") and short-term perspectives of situations
- Ability to translate business needs into solution architecture requirements
- Ability to define multiple solution options to business problems
- Ability to quickly comprehend the functions and capabilities of new technologies
- Basic knowledge of business process re-engineering principles and processes
- IT Personnel
- Senior Management
- Business Users
ADA REQUIREMENTS (Required)
The ability to appear for work on time.
The ability to appear at a physical location.
The ability to perform job duties for a specific duration of time.
The ability to follow directions from a supervisor.
The ability to interact well with co-workers.
The ability to understand and follow work rules and procedures.
The ability to accept constructive criticism.
The ability to maintain regular/consistent attendance and adhere to scheduled shifts.
The ability to maintain regular/consistent attendance and a full-time schedule.
The ability to maintain current status on projects.
The ability to stay current on training/issues in field.
The ability to lead and manage others (supervisors and above).
Effective service depends upon each employee performing his/her duties to the best of his/her abilities. Frequent absences can disrupt business operations and create additional work for co-workers. Prompt and regular attendance is critical to the success of the company’s mission. Employees are encouraged to be conscientious concerning attendance to avoid any potential disciplinary action.
WORKING CONDITIONS (Required)
Standard office environment without unpleasant or hazardous conditions. Work requires typical physical demands required for office work.
This description is not intended to be construed as an exhaustive list of responsibilities, duties, or skills required for the job position. This job position may be changed or assume additional duties at any time. The employee may be requested to perform different or additional duties as assigned.