Job Description :
Project specifications:

Role: Application Security Architect
Location: Jersey City, NJ.

Position Responsibilities:
Work with IT project community and to advise on application security standard controls and best practices.
Work closely with other IT operation groups for identifying and remediation of systems with security issues.
Should have practical implementation knowledge to advise IT development and implementation teams on how to fix potential vulnerabilities.
Advise senior management including business sponsors on Security risks and should be able to translate security risks to business impact.
Review application, database and network architecture and highlight risks.
Onboard applications into the existing Security frameworks and participate in an advisory capacity until project deployment.

Position Qualifications:
Candidate Background
1-3 years professional experience as an Application Developer.
5+ years of professional experience in an information security function for a financial, insurance, pharmaceutical, or similar commercial industry preferred.
Bachelor’s Degree in Computer Science or related field preferred.

Required Skills:

Perform Risk assessments for applications and underlying systems and recommend security requirements based on upstream Business requirements.
Should have knowledge on Network and Infrastructure architecture.
Ability to review and understand organizational security policies and incorporate into standard processes in a project.
Expert understanding of HTTP, HTTPS, and other application layer protocols.
Expert understanding of network layer protocols & industry best practices.
Demonstrated proficiency in developing secure solutions developed using common development frameworks (J2EE, .NET, Spring, Struts, Hibernate, etc) and languages (Java, C#, C++, etc)
Actively contributes to strategic security departmental planning in alignment with architectural goals.
Strong analytical and problem solving skills.
Excellent written, verbal communication & presentation skills.
Should be able to work as a team player.

Helpful Skills
CISSP Certified.
CISM/CISA Certified
GXPN, OSCP Certification
Experience with the following:
o Web application proxies
o Architecture Reviews
o DB vulnerability management
o Web Application vulnerability management