Job Description :

Hope you are doing great.!!!

I am attaching a job description for your review. If you are interested so please revert me back with your updated resume. Please call me on Ext: 118 or e-mail me at

Title: JAVA Security Architect with Fortify Experience or IT Security Architect
Duration: 6+ Months
Location: Horsham, PA
Interview: Telephonic & F2F

This is a hands on Java Developer/architect role that will work on the Compass Team and interface with Client’s Security. Candidate will need to have hands on Java, Rest Services, Strong middleware background, Soap, Restful, MQ messaging. Will need to review the testing reports in Fortify, facilitate any code changes. Work with Architects to ensure code security issues are taken care of. Should be familiar with Siteminder and how it interfaces with the web server. Must be able to understand Application Roadmap.

What is the specific title of the position?
IT Security Architect

What Project/Projects will the candidate be working on while on assignment?

Multiple security related tasks and projects

Is this person a sole contributor or part of a team?

Part of a team

If so, please describe the team?

COMPAS Development team - size 30 people

Top 5-10 responsibilities for this position

The Security Architect for the COMPAS application is responsible for the evaluation of the impact of security programs on the application and for the development and governance of application security. This role is responsible for driving specific programs as well as the oversight of all application development to ensure developed solutions are secure and security concerns are addressed.
The architect also recommends information assurance/security solutions to support business requirements in a fast paced, evolving environment. This position will ensure that IT security is applied to the technology infrastructure and information in accordance with established enterprise and industry Policies, Procedures and Standards.

What software tools/skills are needed to perform these daily responsibilities?
What skills/attributes are a must have?

6 or more years of experience providing technical leadership and operational support for complex enterprise security projects/programs for large enterprise organizations
6 or more years of experience in network/applications/database security architecture, engineering, and technical oversight for large enterprise systems with PII/PHI/PCI/FISMA related data flows
Experience conducting and applying threat modeling to large and complex and virtualized architectures
Knowledge of infrastructure, application, and data security architecture best practices
Fluency with IT governance standards including NIST, COBIT, ISO 27001, OCTAVE, ITIL
Experience complying with regulatory guidance at the State and Federal level to include but not limited to SOX, HIPAA, HITRUST, GLBA, PCI-DSS, CMS/HHS and/or CFR Part 11
Experience executing security architecture processes within agile methodologies.
Specific experience leading security programs from requirements through implementation.
Experience working with large tier security vendors leading RFI/RFP’s
Experience with analyzing, troubleshooting, and investigating security-related, information systems'' anomalies based on security platform reporting, network traffic, log files, host-based and automated security alerts.

Experience with some or all of the following:

TCP/IP OSI Model, system logs (WMI, syslog, etc, antivirus, IDS/IPS, packet analysis, configuration standards, Group Policy, Vulnerability analysis, Event Correlation, Forensics, IDS/IPS rule sets and signature creation, web application security, pen-testing, reverse engineering, Honeypots, IOC, advanced threat detection, code analysis. Data Loss Prevention (DLP), Log Indexing and Correlation platform, Network Access Control (NAC), Physical access control systems

What skills/attributes are nice to have?

Industry-specific certifications, including one or more of the following: C|CISO, CISSP, CISA, CISM, CGEIT or current JCNE/CCIE lab passed with a valid certification number.
Master’s degree in Information Security, Software Engineering