Description
JOB DESCRIPTION
Job Title: Application Security Architect
Location: UK
Department/Practice:
Cyber Practice
Job Purpose and primary objectives:
Application Security Architect
Key responsibilities (please specify if the position is an individual one or part of a team):
Security-certified professional preferred (CISSP, CISM, CRISC, CISA).
MUST have experience in application security for both on-premises and cloud applications, including applications managed in house and by third parties.
Must have hands-on experience in application threat modelling and application risk assessment using threat model frameworks like STRIDE, DREAD, PASTA.
Must have knowledge of risk assessment frameworks, e.g. inherent risk, residual risk, etc.
Must have application security assessment and vulnerability management experience.
MUST have knowledge of the OWASP Top 10 and mitigation of these threats in an enterprise environment.
Knowledge of MITRE ATT&CK and the Cyber Kill Chain, and their impact on enterprise applications.
Security documentation such as policy definitions, architecture patterns, artefacts, and security design (HLD, LLD); decision papers based on risk and threat assessments.
Knowledge of security standards like GDPR, NIST, CIS, ISO 27001, PCI-DSS.
Application knowledge like SCCM, Tivoli, UrbanCode, Tanium, GitHub, Intune, CyberArk, Qualys, SentinelOne.
Key Skills/Knowledge:
Good communication skills.
Good stakeholder management.
Good interpersonal skills.
Actively working as an individual contributor with self-drive and motivation.
Experience required:
Must have 10-15 years of Cyber Security experience
Duration of the Assignment:
Long Term (12 months)