W1siziisimnvbxbpbgvkx3rozw1lx2fzc2v0cy9uzwnobmljywwgumvzb3vyy2vzl2pwzy9iyw5uzxitzgvmyxvsdc5qcgcixv0

Security Architect

Security Architect

  • Location

    Stuttgart, Baden-Württemberg

  • Sector:

    IT

  • Job type:

    Contract

  • Salary:

    Up to €500.00 per day

  • Contact:

    Drew Derry

  • Contact email:

    drew.derry@tecres.uk.com

  • Job ref:

    37068DD_1551717350

  • Published:

    16 days ago

  • Duration:

    6 Months + Possible Extension

  • Expiry date:

    2019-03-13

  • Start date:

    ASAP

  • Consultant:

    #

Security Architect
Location: Stuttgart, Germany
Rate: €500 per day (Negotiable)
Duration: 6 Months + Possible Extension
Start: ASAP

Objectives:
Providing a secure and trustworthy customer journey is one of our most important objectives. In order to expand our cybersecurity capabilities, is seeking a Security Architect. He/she is responsible to consistently execute the global architecture and security strategy.

The main objective for the Security Architect is to deploy and operate application security capabilities, solutions and requirements. This includes to ensure the execution of code reviews and application focused attack as well as penetrating testing. The Specialist will also support the identification and remediation of application-level vulnerabilities to meet needs and business requirements.

Tasks:
Application Security:
Deploy, integrate and operate application security capabilities, solutions and requirements consistently
*Leverage and support given initiatives from Global CyberSecurity
*Identify and document application level vulnerabilities and ensure inadequate information risks are being addressed
*Review design specifications and identify system use scenarios with potential security implications
*Ensure that technical, architectural or design decisions will not lead to violations of security policies
*Assess the system architecture to identify potential security threats and vulnerabilities and determine their impact
*Communicate identified vulnerabilities, develop and recommended mitigation strategies
*Coordinate with involved parties and monitor remediation activities
*Provide guidance and recommendations for remediating application vulnerabilities
*Recommend and facilitate targeted application security training

Consulting & Innovation Support:
*Serve as a member during application build processes
*Provide consulting and on-demand support to innovation initiatives to drive speed to value

Proactive Guidance:
*Actively communicate and keep abreast of the latest trends in application security
*Stay current on industry leading practices
*Monitor application security threats and incorporate leading practices
*Proactively identify opportunities for improvements in application security

Experience:
*5 years of relevant work experience in security architecture and engineering
*Experience with a wide variety of application technologies and testing tools to include
*Experience in application software planning, development and integration into proposed business solutions
*Experience implementing comprehensive application testing methodology
*Experience identifying, evaluating and managing risk in a complex and changing environment
*Experience in developing and implementing countermeasures to identified application security risks
*Experience interacting with development teams to articulate security requirements and processes while collaborating on architecture and engineering design options, implementation, testing and user acceptance.
*Experience in working with software developers throughout the software development life-cycle (SDLC)
*Experience supporting security in DevOps processes
*Experience discerning an organization's security controls for application software based on vulnerabilities and business needs
*Experience working on a global team is preferred
*Financial Services, Fintech and/or Banking and automotive experience preferred

Skills:
*Deep understanding of a large organization's software related IT security principles and methods
*Knowledge of IT guidelines and corporate IT policies, IT standards, knowledge of IT council organization
*Advanced ability to identify security vulnerabilities
*Ability to evaluate technical concepts and solutions and to suggest alternative solutions
*Highly proficient in the configuration and deployment of applications in complex environments
*Advanced knowledge of application vulnerabilities such as parameter manipulation, injection attacks, buffer overflows and cross-site scripting
*Knowledge of application functionality such as authentication, authorization, data validation, encryption, exception handling, logging and language frameworks
*Strong understanding of software design tools, methods, techniques, and debugging principles
*Hands-on development experience and working knowledge
*Deep understanding of the operational impacts of security vulnerability
*High level of time management, organizational skills, and attention to detail with integrity and ownership of work.
*Solid ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means
*Strong ability to deal with conflicts
*At least one of the following certifications is required or must be obtained within your first 12 months of employment at DFS: CISSP, ISA, TISP in combination with TPSSE, CSSLP (or comparable)
*Following Certifications are preferred: CISA (or comparable)
*Willingness to travel
*Fluent in business English, German will be an asset
*Ability to motivate and find innovative solutions to implement the cyber security strategy


If you are interested in this role, can recommend anyone, or require further information please do not hesitate to contact Drew Derry on 01932 83 7792 or via email on