Application Security Designer & Architect

Full Time
Job Description

As the Application Security Designer & Architect you will perform risk based, technical assessments of applications, using both dynamic and static scanning tools.

About our client

As one of the largest companies in the world in their industry, our client exhibits a tremendous market share with a revenue of close to 2 billion Euro in 2015. They are present in the FTSE 50, boasting one of the most distinctive consumer brands in Europe. They have a market leading presence in Western Europe, the US and Australia as well as a wide range of B2B and B2C operations across Europe.
Their development centre in Romania is located in Cluj-Napoca, where they employ more than 250 people.

About the position

You will help design standards and controls necessary to ensure the security of information systems assets, including prevention of intentional and inadvertent modification access, destruction or disclosure. You will work closely with project teams ensuring security is thought about and delivered early in the project lifecycle. This position requires the supporting of multiple projects simultaneously and ensuring timely delivery of security inputs.

The job also consists of:
– Working as part of a team delivering against the architectural strategy and roadmap and providing security guidance.
– Identifying the threats that need be addressed during the development of new projects and conducting Threat Modelling workshops with product stakeholders and dev teams.
– Designing new projects secure from the first phases of SDLC together with software Architects.
– Building strong business relationships in order to understand mutual requirements, goals, options and solutions to complex or intangible software security issues.
– Providing solutions, options, ideas and advice to project through full service engagement.
– Facilitating the communication and development of our client`s standards for software and systems design, development and deployment.
– Developing plans for security technologies that will integrate effectively with other aspects of the technical infrastructure.
– Evaluating and researching emerging technologies to detect, triage and mitigate software security defects across the enterprise.
– Encouraging a security mindset throughout product development processes from concept to testing and implementatio

Desired skills

Required skills:
Technical experience with any of the following advantageous; SOA, EDA, Java SE/EE, Spring, web services, JMS, AJAX, .net, Oracle database, Oracle Coherence, IP networking, HA & DR;
Strong technical knowledge and ability to pick up new technologies quickly;
Proven impact on strategic development of technology in a medium or large sized company;
Ability to assist people to accurately and clearly articulate complex threats and risks, controls and mitigations;
Excellent understanding of vulnerabilities, threats and risks;
Ability to have a holistic view of technology across the business;
Strong analytical skills and ability to meet deadlines under pressure;
Ability to communicate with technical and non-technical audiences at all levels of the organization. 


Background in finance or e-commerce;
Computer Science degree or equivalent professional certification desirable;
Proven experience as part of a complex architecture/development practice, working on multiple large and complex projects simultaneously;
Former exposure to an enterprise architecture framework an advantage (TOGAF, SABSA etc.);
Exposure to highly-transactional or very high throughput systems;
Past experience of managing and performing security assessments (design review & pen test);


Privacy Preference Center


These cookies are necessary for our Sites to function and cannot be switched off. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of our website will not then work. These cookies do not store any personally identifiable information.

cs_count_views#, fc_1, fc_sb_1, gdpr[allowed_cookies], gdpr[allowed_cookies], gdpr[consent_types], gdprprivacy_bar, linkedin_oauth_#, PHPSESSID, wordpress_logged_in_[hash], wordpress_sec_[hash], wp-settings-[UID], wp-settings-{time}-[UID], wordpress_test_cookie


Functionality Cookies enable Us to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our website. If you do not allow these cookies then some or all of these services may not function properly.



Statistics cookies allow us to count visits and traffic sources so we can measure and improve the performance of our website. They help us to know which pages or features are the most and least popular and see how visitors move around our website. If you do not allow these cookies we will not know when you have visited our website, and will not be able to monitor their performance.

_ga, _gat, _gat_gtag-UA_45539333_1,_gid


The __atuvc cookie is created and read by the AddThis social sharing site JavaScript on the client side in order to make sure the user sees the updated count if they share a page and return to it before our share count cache is updated.
No data from that cookie is sent back to AddThis and removing it when disabling cookies would cause unexpected behavior for users.