Randstad Technologies is seeking an IT Application Security Architect (ITASA) who will work with IT to support all business units and various technology areas to ensure Confidentiality, Integrity and Availability of company systems. The ITASA will succeed by working closely with project teams, Business Groups, and the IT Security team to ensure appropriate and effective web application and data security controls are in place for new initiatives.
The ITASA will, under the guidance of the Application Security Lead, be responsible for reviewing, disseminating and updating security policies, standards, and controls related to application security. The team will also work with the responsible parties to identify, assess and remediate risks related to application security. This will include code reviews, automation scripting, and review of system architectures.
The ITASA will work with the Application Security Lead to evaluate, recommend, design and implement application security solutions to increase the company's application security posture. Third party tools and partners will be evaluated as necessary, and automation of tools and processes will also be a driving goal. The ITASA will support the security roadmap for IT Security and may be responsible for the intake, development, assessment and management of the implemented tools.
- A minimum of 1-5 years of enterprise web development.
- Knowledge of information systems security standards and practices. Knowledge across many of these areas:
Application Encryption Key Management, Database Security, System authentication and authorization, Enterprise Directory Services, Azure SaaS/PaaS Security and Design, Web server configuration and hardening, Mobile Application security, Networking, or related information security subject area.
- Experience with OWASP top 10
- Experience with application and systems architectures
- Demonstrated knowledge of web application penetration tool sets is preferred
- Bachelor's degree preferred.
- The ability to learn on the job and keep up with a fast-paced, ever-changing field.
- Experience with and knowledge of NIST, ISO27001, or COBIT 5
location: Berlin, Connecticut
job type: Contract
salary: $85 - 95 per hour
work hours: 8am to 5pm
1. Develop and recommend cyber-security technology strategies, publish company security standards, and develop security solutions for projects and infrastructure, along with methods to monitor compliance.
2. Provides security recommendations and functional requirements to internal business groups.
3. Coordinates and resolves complex technical security problems and challenges.
4. Anticipates and prepares for emerging business, application and infrastructure needs, and translates these needs into security requirements.
5. Runs and manages research, automation, and technology evaluation projects.
6. Ability to anticipate and respond to changing priorities, and operate effectively in a dynamic demand-based environment, requiring extreme flexibility and responsiveness.
7. Produce high quality oral and written work, presenting complex technical matters clearly and concisely to audiences ranging from peers to senior management.
8. Be familiar with current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy.
9. Recommend effective process changes to enhance company security posture.
10. Works to stand up a DevSecOps culture, with a mentality to "shift left" security back to development teams through tools and training.
- Experience level: Experienced
- Minimum 8 years of experience
- Education: Bachelors (required)
- application architect (8 years of experience is preferred)
- .NET (8 years of experience is preferred)
- Azure (5 years of experience is preferred)
- SaaS (5 years of experience is preferred)
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.