IT Application Security Architect
Berlin, CT/ Westwood, MA
The IT Application Security Architect (ITASA) will work with IT to support all business units and various technology areas to ensure Confidentiality, Integrity and Availability of Eversource systems. The ITASA will succeed by working closely with Eversource project teams, Eversource Business Groups, and the IT Security team to ensure appropriate and effective security controls are in place for new Eversource initiatives.
The ITASA will, under the guidance of the Application Security Lead, mentor a team of application security engineers. This team will be responsible for reviewing, disseminating and updating security policies, standards, and controls related to application security. The team will also work with the responsible parties to identify, assess and remediate risks related to application security.
The ITASA will work with the Application Security Lead to evaluate, recommend, design and implement application security solutions to increase Eversource's application security posture. Third party tools and partners will be evaluated as necessary, and automation of tools and processes will also be a driving goal. The ITASA will support the security roadmap for IT Security and lead the roadmap for application security by working with the other IT Architects to make sure it is aligned to Eversource domain standards and the overall security roadmap.
• Develop and recommend cyber-security technology strategies, publish Eversource security standards, develop security solutions for projects and infrastructure, and methods to monitor compliance.
• Provides security recommendations and functional requirements to internal business groups.
• Coordinates and resolves complex technical security problems and challenges.
• Anticipates and prepares for emerging business, application and infrastructure needs, and translates these needs into security requirements.
• Runs and manages research, automation, and technology evaluation projects.
• Ability to anticipate and respond to changing priorities, and operate effectively in a dynamic demand-based environment, requiring extreme flexibility and responsiveness.
• Produce high quality oral and written work, presenting complex technical matters clearly and concisely with audiences ranging from peers to senior management.
• Be familiar with current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy.
• Recommend effective process changes to enhance Eversource's security posture.
• Evaluate, test and select security tools, evaluation products, and control products.
Working hours: 8:00 AM - 5:00 PM
A minimum of 7 years of experience in the field of information technology plus an additional 3-5 years of enterprise web development. Strong working knowledge of information systems security standards and practices. Knowledge across many of these areas: Application Encryption Key Management, Database Security, System authentication and authorization, Enterprise Directory Services, Azure SaaS/PaaS Security and Design, Web server configuration and hardening, Mobile Application security, Networking, or related information security subject area.
• Experience with OWASP Top 10
• Experience standing up technical teams
• Experience with application and systems architectures
• Demonstrated knowledge of web application penetration tool sets
• Bachelor's degree preferred.
• Experience with and knowledge of NIST, ISO27001, or COBIT
Randstad is a world leader in matching great people with great companies. Our experienced agents will listen carefully to your employment needs and then work diligently to match your skills and qualifications to the right job and company. Whether you're looking for temporary, temporary-to-permanent or permanent opportunities, no one works harder for you than Randstad. EEO Employer: Race, Religion, Color, National Origin, Citizenship, Sex, Sexual Orientation, Gender Identity, Age, Disability, Ancestry, Veteran Status, Genetic Information, Service in the Uniformed Services or any other classification protected by law.