The Information Technology department has an exciting opportunity for a Security Architect to impact the changes/enhancements with the Cash Application Development team.
The Cash Line of Business is sponsoring a Cash Automation project to replace the legacy client server based application. You will be responsible for the security architecture and detail technical design for the Cash Forward application and work very closely with requirements elaboration team, the system and application architects, the hosting agency, and the Cash line of Business.
You will have an opportunity to:
Work with development teams to build security into the application platform
Review technical specifications (and design documents) and identify, document, and explain security vulnerabilities, threats, and risks
Consult with development teams to provide security best practices and secure design patterns
Assess the security of core platform infrastructure and provide recommendations for hardening environments
Analyze incidents and security review findings to determine security impact
Perform security code reviews and coordinate penetration testing
Perform risk assessment of new functionality
Oversee implementation of appropriate access controls to ensure access to systems, data and programs is restricted to authorized users
Ensure consistent interpretation and application of the security program through documented standards and procedures that support enterprise information security policies
Support the on-going assessment and measurement of information risk objectively and consistently
Provide leadership to team members and consulting to business leaders in addressing their information risk posture
Identification, testing and implementation of application scanning tools
Build a program to manage the prioritization and remediation of reported vulnerabilities
Qualifications:
BS degree in Information Security, Computer Science, Electronics and Engineering, or Information Technology or equivalent work experience
4 to 5 years in Information Technology and/or Information Security as Security Architect or Application Architect with Security knowledge and skill
One or more Security certifications (e.g. CISSP, CCSP, CISM, GSEC, SANS GIAG, ISSAP)
Expertise in security topics, such as database interaction, identity management, authentication methods, encryption, entitlements, logging, input validation, data protection, web security, etc., to provide developers with subject matter expertise
In depth, hands-on understanding and application architectures and technology (including web applications, web 2.0 technology, identity and access management)
Familiarity with threat modeling, code review, and penetration testing methods
Experience with finding and using open source tools for problem solving, incident management and avoidance
Proven ability to risk assess complex systems, understand vulnerabilities and recommending solutions
Strong knowledge of Web technologies: HTML, CSS, JavaScript, HTTP
Functional knowledge of cryptography: SSL, PGP, AES, SHA-2
Fluent in at least one programming or scripting language
Self-motivated with the ability to work independently and as a team member with minimal direction
Strong verbal and written communication to include interpersonal, influencing and negotiation skills with all levels of staff/management; and, demonstrated ability to work independently and with a team
Desired Skills:
Experience with authentication systems, SSO, PKI a plus
Fed Benefits – Just to name a few….
Medical Dental Vision benefits (Co-Pay)
401K Thrift plan with matching employee contribution up to 6% & Retirement Plan
Ten paid holidays per year, plus two or more weeks of paid vacation with the option to buy more
Flexible work schedules, including telecommuting
Great coworkers and customers
Brand new, state of the art onsite fitness center
A multitude of additional optional benefits such as life, home, auto, legal and pet insurance
** Interested candidates should submit their resume to www.frbsf.org//careers
The Federal Reserve Bank of San Francisco is an Equal Opportunity Employer. Our people proudly reflect the diversity and ideas of the communities we serve.
Salary: . Date posted: 10/12/2012
Global Compliance Jobs - 7 months ago
- save job
-
block
