Position Details
Application Architect Security Apply
Application Architect Security
Location - Alexandria, Virginia.
Location - Alexandria, Virginia.
Job Description:
Our Client is looking for an Application Architect with deep experience in application security review and design. The Application Architect should be a subject matter expert in defining app security requirements, performing application security assessments, and providing developer teams with guidance on security best practices.
Job Responsibilities:
Work independently with application developers, system/network administrators, product owners, and other colleagues to ensure secure design, development, and implementation of applications and networks.
* Perform security architecture design reviews of Client developed applications
* Perform code analysis of large applications, manually and using static application security testing (SAST) and dynamic application security testing (DAST) scanning solutions as well as conducting manual vulnerability analysis.
* Provide remediation guidance and recommendations to developers and administrators.
* Work with Application Development teams to help prioritize and validate urgency of mitigation of identified product vulnerabilities and security feature enhancement requests
* Create security best practices and standards and ensure Application Development teams understand them and receive pertinent annual secure coding training.
Our Client is looking for an Application Architect with deep experience in application security review and design. The Application Architect should be a subject matter expert in defining app security requirements, performing application security assessments, and providing developer teams with guidance on security best practices.
Job Responsibilities:
Work independently with application developers, system/network administrators, product owners, and other colleagues to ensure secure design, development, and implementation of applications and networks.
* Perform security architecture design reviews of Client developed applications
* Perform code analysis of large applications, manually and using static application security testing (SAST) and dynamic application security testing (DAST) scanning solutions as well as conducting manual vulnerability analysis.
* Provide remediation guidance and recommendations to developers and administrators.
* Work with Application Development teams to help prioritize and validate urgency of mitigation of identified product vulnerabilities and security feature enhancement requests
* Create security best practices and standards and ensure Application Development teams understand them and receive pertinent annual secure coding training.
Skills Needed:
* 10+ years of demonstrated industry experience with application development, leadership and application security work
* Proficiency in reading, writing, and auditing Python, Javascript, Angular, PL/SQL, Oracle Apex low-code and the ability to pick up new languages/technologies
*Authoritative knowledge of OWASP
* Strong familiarity with common vulnerabilities and attack vectors
* Knowledge of web service technologies, load balancer services (i.e.Cloudflare, F5, etc.) and RESTful APIs
* Knowledge of ubiquitous encryption technologies (PGP, SSH, SSL, etc.) and common authentication protocols (OAUTH, SAML, LDAP, etc.)
* Solid understanding of secure network and system design in both cloud (AWS) and conventional environments
* The ability to communicate complicated technical issues and the risks they pose to developers, network engineers, syste
* 10+ years of demonstrated industry experience with application development, leadership and application security work
* Proficiency in reading, writing, and auditing Python, Javascript, Angular, PL/SQL, Oracle Apex low-code and the ability to pick up new languages/technologies
*Authoritative knowledge of OWASP
* Strong familiarity with common vulnerabilities and attack vectors
* Knowledge of web service technologies, load balancer services (i.e.Cloudflare, F5, etc.) and RESTful APIs
* Knowledge of ubiquitous encryption technologies (PGP, SSH, SSL, etc.) and common authentication protocols (OAUTH, SAML, LDAP, etc.)
* Solid understanding of secure network and system design in both cloud (AWS) and conventional environments
* The ability to communicate complicated technical issues and the risks they pose to developers, network engineers, syste
