As the Application Security Designer & Architect you will perform risk based, technical assessments of applications, using both dynamic and static scanning tools.
About our client
As one of the largest companies in the world in their industry, our client exhibits a tremendous market share with a revenue of close to 2 billion Euro in 2015. They are present in the FTSE 50, boasting one of the most distinctive consumer brands in Europe. They have a market leading presence in Western Europe, the US and Australia as well as a wide range of B2B and B2C operations across Europe.
Their development centre in Romania is located in Cluj-Napoca, where they employ more than 250 people.
About the position
You will help design standards and controls necessary to ensure the security of information systems assets, including prevention of intentional and inadvertent modification access, destruction or disclosure. You will work closely with project teams ensuring security is thought about and delivered early in the project lifecycle. This position requires the supporting of multiple projects simultaneously and ensuring timely delivery of security inputs.
The job also consists of:
– Working as part of a team delivering against the architectural strategy and roadmap and providing security guidance.
– Identifying the threats that need be addressed during the development of new projects and conducting Threat Modelling workshops with product stakeholders and dev teams.
– Designing new projects secure from the first phases of SDLC together with software Architects.
– Building strong business relationships in order to understand mutual requirements, goals, options and solutions to complex or intangible software security issues.
– Providing solutions, options, ideas and advice to project through full service engagement.
– Facilitating the communication and development of our client`s standards for software and systems design, development and deployment.
– Developing plans for security technologies that will integrate effectively with other aspects of the technical infrastructure.
– Evaluating and researching emerging technologies to detect, triage and mitigate software security defects across the enterprise.
– Encouraging a security mindset throughout product development processes from concept to testing and implementatio
Technical experience with any of the following advantageous; SOA, EDA, Java SE/EE, Spring, web services, JMS, AJAX, .net, Oracle database, Oracle Coherence, IP networking, HA & DR;
Strong technical knowledge and ability to pick up new technologies quickly;
Proven impact on strategic development of technology in a medium or large sized company;
Ability to assist people to accurately and clearly articulate complex threats and risks, controls and mitigations;
Excellent understanding of vulnerabilities, threats and risks;
Ability to have a holistic view of technology across the business;
Strong analytical skills and ability to meet deadlines under pressure;
Ability to communicate with technical and non-technical audiences at all levels of the organization.
Background in finance or e-commerce;
Computer Science degree or equivalent professional certification desirable;
Proven experience as part of a complex architecture/development practice, working on multiple large and complex projects simultaneously;
Former exposure to an enterprise architecture framework an advantage (TOGAF, SABSA etc.);
Exposure to highly-transactional or very high throughput systems;
Past experience of managing and performing security assessments (design review & pen test);