Application Consultation Architect
Description & Summary
PwC is driving major change across information & cyber security by building a centralized model to provide security services across the entire member firm network.
Mandated at the network level, Network Information Security (NIS) operates outside IT & is responsible for this major program initiative, from definition of the security strategy to execution of the global Cyber Readiness Program, moving from local to centralized services.
Our mission is to identify, control & reduce the attack surface across the member firm network while increasing our adversaries’ cost of attack.
In order to deliver the Cyber Readiness Program the NIS team is structured into the following Pillars:
Information Security Risk & Compliance
CISO
Security Architecture, Engineering, Innovation & Transformation (SAEIT)
Cyber
Strategy & Alliances
Chief of Staff
NIS is building the first global cyber security function at PwC. Our mission protects 300,000 PwC members across 160 member firms worldwide as well as our global clients.
If you are seeking an exciting career with the scope to grow your security skills through major change on a global scale, then NIS will empower you to do so.
NIS is responsible for the following services:
Security Architecture
Security Engineering
Innovation
Security Transformation
Application Security
If you love designing & building security technology, this is the place to be. Within NIS we work closely with the business to define the NIS 5 year security roadmap, gathering business requirements to combine PwC's goals with conceptual long term security trends to create a target architecture for NIS to deliver against. From this future state plan the Security Engineering team breaks down long term goals into manageable projects and looks to technical security solutions to solve business problems, designing & building security technology that spans the wider PwC network of firms. Once security technologies are built, the NIS team works to assist technology teams in designing and deploying compliant applications.
Range of Impact:
Employee possesses deep functional knowledge in a specific subject matter area or technical domain that is applied in the context of a broader understanding of the functional area and related systems and processes.
The candidate will contribute to the development of new subject matter/technical domain expertise.
Resolves complex problems by continuously applying significant independent judgment and by collaborating with others, and influences others, through work on projects and in teams, and/or through leading portions of larger projects
Demonstrates
- level abilities within Application Security.
Encourages improvement and innovation within Application Security and nurturing and developing
- experienced staff through coaching and written/verbal feedback.
Perform Application Security tasks with autonomy.
Responsibilities
Partner with technology delivery teams to assure that security is properly built in to the technology during the design phase
Engage with development teams to educate them around secure designs & compliance with the Information Security Policy
Champion use of NIS best practices and approved tools
Perform security review as part of the application readiness review process (ARR)
Provide consultation support on a variety of security related subjects
Metrics
Technologies are delivered through the ARR process with no security findings
Consultation Services team is viewed as a resource that supports and assists in technology delivery
Work with risk managers and business information security officers to mitigate risk for all technology deliverables
Requirements:
Degree Preferred : Bachelor Degree
Fields of Study: Information Technology, Computer Systems Analysis, Management Information Systems, Computer Applications, Computer Engineering, Computer Programming
Certification(s): OSCP, CISSP, ITIL, OSCE, OSWE, CEH, or GWAPT Certifications are a major plus
Skills required:
The ideal candidate would be 50% programmer and 50% hacker. Examples of qualifications that resemble this profile are as follows
3-5 years’ experience in a software development field such as Software Developer, Architect, Software Quality Assurance, or Application Security Engineer
Highly proficient in at least one of the following development languages: C#, C++, Java, .NET, Node.js, or Python
Possess a strong understanding of application architectural patterns, such as MVC, Microservices, Event-driven etc.
Creative, organized, responsive, and highly thorough problem solver
Possess strong business acumen with ability to work with application development, QA and security teams
Possess a restlessness or desire to break into things
Knowledge of the OWASP Top 10
Strong
- starter who has the ability to operate independently
Has solid understanding and experience with establishing software development policies across an organization
Excellent oral/written presentation skills with ability to communicate effectively with senior executive leadership; proficiency in preparation of presentations, analytical reports, and documents regarding program operational status, achievement and performance
Knowledge of effective controls for Application Security, Cloud & Services Hosting, Identity and Access Management, Data Protection, Borderless Connectivity, Endpoint Security, and Cyber Security Operations
Conversant with ISO 27002:2005/2013 information security standard
Demonstrating architectural domain knowledge including cloud application architecture and
- based deployment
Partnering with and enabling the development process to assure that security requirements are met while allowing for maximum speed to market
Supporting a leading edge development effort by developing standardized reusable security frameworks
Collaborating with multiple stakeholders across functional and technical skill sets
Aligning business requirements to complex security architecture frameworks
Managing multiple security assessments and changing priorities, simultaneously
Skills preferred:
Understanding and Passion for Agile/XP/Scrum/Kanban
Understanding of Test Driven Development built on User Stories
Understanding of Continuous Integration/Testing/Delivery/CI/CD
Familiarity with cloud architecture and services, such as AWS.
Familiarity with Metasploit, Burp Suite, Fuzzing, and Jenkins is preferred.
Familiarity with code reviews and penetration testing preferred.