Application Security Architect

Company: EmergencyMD
Location: Lansing
Posted on: October 4, 2024

Job Description:

Experience:
--- 7+ years in security architecture--- 10+ years in information security (engineering, analyst, incident response)--- 10+ years working with computer systems--- 10+ years working with application architecture & application development--- 10+ years working with network software & hardware, data or voice as well as experience with open & proprietary software and hardware.
Required:--- Experience in an enterprise level technology environment with a mature security department--- Demonstrates practical experience in application security--- Practical experience consulting with project teams and solutions providers--- Demonstrates practical experience and in-depth knowledge of security controls (e.g. NIST and CIS Top 20)--- Demonstrates practical experience in Enterprise Architecture Frameworks such as TOGAF or related--- Demonstrates practical experience in Open Web Application Security Project (OWASP)--- Demonstrates practical experience and in-depth knowledge in Static and Dynamic Application Security Testing (using scanning tool such as IBM AppScan)--- Demonstrates practical experience in identity and access management (IAM)--- Demonstrates practical experience and in-depth knowledge with Application Security of Development (.Net, Java, Apex, PHP, Node.js, Ruby on Rails)--- Experience working with current and emerging developmental methodologies (Waterfall, Agile, Extreme Programming and related)
Highly Desired:--- Demonstrates practical experience and in-depth knowledge of security frameworks (e.g. ISO27001)
Desired:--- Demonstrates practical experience and in-depth knowledge of regulatory security controls (PCI, HIPAA, CJIS, FISMA)
Description:--- Establish the target security/infrastructure architecture for security platforms (specific to applications/systems security)--- Acts as consultant and subject matter expert to leadership and project sponsor in defining the vision, objective and scope of major security related work projects and programs.--- Consults with project delivery teams and solution providers to implement security architecture frameworks and solutions.--- Consults and researches with vendor product specialists/sales, independent research organizations, on-site support engineers and fellow architects and administrators on best-fit technologies and ensure compliance to department policies & standards and technology roadmap.--- Coordinate with the team for technology validation or suggestions for alternative solutions. If necessary, initiate Solution Assessments, Infrastructure Service Requests, and any applicable required documentation to implement the new technology.--- Advocates the use of emerging cyber security best practices, technologies, developing standards and procedures, promoting the usage of automated tools, developing strategies, and aligning practices with strategic initiatives.--- Authors requirements, including definition of dependencies on infrastructure consolidation efforts.--- Authors design related artifacts (Functional Design, System Design, Security Architecture)--- Produce architectural framework documents i.e., white papers, guidance documents, best practices, technical reports, etc.--- Performs security architecture and general security reviews for new infrastructure and system implementations--- Define Security/Information Assurance requirements (and dependencies).--- Specify key architectural aspects of the architecture view and identify other aspects that need definition.--- Project contributor representing security and participates in project plan development--- Provides project estimates based on past experience with security implementation-based projects and programs--- Leverage broad-based understanding of technology areas and end-to-end knowledge of current installations to craft architectural solutions or standards that can be applied across the enterprise.--- Provide strategic and architectural support for cyber Security as a Subject Matter Expert.--- Provide support and subject matter expertise with respect to adherence to security controls (e.g. NIST 800, CIS, and related)--- Provide support and subject matter expertise with respect to adherence to Enterprise Architecture Frameworks (e.g. TOGAF or related)
#J-18808-Ljbffr

Keywords: EmergencyMD, Battle Creek , Application Security Architect, Other , Lansing, Michigan