Senior Application Security Architect 20234797, Singapore -Recruitment

Posted 5 day

Skills
Best Practices Compliance Design Development Lifecycle Security Controls Information Security Standards Technical Acumen Analytics Application Architectures Awareness Big Data Business Logic Cloud Review Threat Modeling Migration PaaS Roadmap Security Design Network Security Oauth Microservices Information Security Consulting Reference Architecture Security Architecture Technology Development Security Risk Assessment IaaS Enterprise Technology Mobile Security Platform Security Cloud Security Hacking Web Application Security Consumer Technology Industry Trend Analysis SaaS Secure SDLC Infrastructure Facilitate Deliverables Data Security Reporting Web Application
Functions
Technology
Industries
Financial Services, Information Technology and Services

Description

Responsibilities:

  • Assess risk when business and technology decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding its clients and assets, by driving compliance with applicable laws, rules, and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct, and business practices, and escalating, managing and reporting control issues with transparency.
  • Review existing security profiles of applications, create security architecture baselines, identify gaps and define target/reference architectures to remediate gaps, and adopt best practices.
  • Define security architecture roadmap that leads to target state architecture. Prioritize architecture deliverables, and establish short-term, mid-term, and long-range architecture plans. Facilitate the migration to the reference architecture in alignment with the strategic plan.
  • Act as an advocate for the adoption of controls/tools/products that leads to the target state by building awareness and influencing key stakeholders. Expertise in managing stakeholder expectations across business and technology is required.
  • Develop security design patterns by identifying broader and emerging IS issues and drive adoption of patterns and best practices.
  • Provide security architecture consulting across the bank to multiple project teams and other domain architects.
  • Maintain an understanding of business issues, operating procedures, and priorities.
  • Understand current as well as emerging security threats and reflect changes in security architecture to mitigate threats. Perform industry trend analysis to evaluate and recommend new products/tools that will help improve the security posture of the organization.

Requirements:

  • This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required. 
  • Candidates should have in-depth subject matter expertise of application and data security, with adequate knowledge of infrastructure and network security. Requirements include.
  • 7+ years of experience as a Security Architect/Security Analyst/Penetration Tester/Information Security Officer in a similar organization.
  • In-depth, hands-on experience of Cloud Security across cloud service models (IaaS/PaaS/SaaS). Cloud security experience in one or more external cloud provider environments and services (e.g. AWS, Kubernetes/CloudFoundry, Salesforce) preferred.
  • Thorough understanding of modern application architectures and technology. Experience with cloud-native applications, microservices architecture, and container technology highly preferred.
  • Demonstrable experience in web application security, mobile security, API security (Oauth, OIDC). Must have SME level knowledge of web application vulnerabilities and business logic flaws and threats.
  • Extensive experience in security risk assessment and threat modeling of applications
  • Knowledge of Big Data/Analytics platform security will be an added advantage
  • Proficient in interpreting and applying policies, standards, and procedures.
  • Thorough understanding of Industry and Enterprise technology standards for Information Security
  • In-depth familiarity with security hacking tools and techniques.
  • Industry/Vendor Certifications Preferred – CISSP/CCSP/CSSLP, AWS Architect, AWS Security Specialty.
  • Bachelor’s degree/University degree.
  • Master’s degree preferred.

Similar to this job

Posted 5 day

Posted 5 day

SAP Security

Posted 5 day

Posted 5 day