Description
Client is looking for Security Architect
The focus for this person should not be mainly on the infrastructural, identity and network part of the stack'. Although also important. Somebody that has proven experience in designing, operating, attacking'/testing and responding of Internet facing web enabled platforms, with a strong basis in knowledge on industry standards and best practices on building secure web application platforms.
The requirements (to do):
The security consultant have understanding and experience with:
- Secure Coding and Secure Testing Practices from Sand box to staging
- Improving the coding framework as per Industry best practices
- Identify key gaps and risks w.r.t existing Microsite Framework and propose mitigation approach
- Consult for a Policy document which endorsed by IT Infra & Ops.
- Consult with the solution that must will comply and uphold Security Principles based on an effective risk assessment.
- Risk assessment w.r.t Directive.
- Creating a secure coding guideline or Framework
- Improving the coding framework as per Industry best practices
- Identifying key gaps and risks w.r.t existing Microsite Framework and propose mitigation approach
- Policy document endorsed by IT Infra & Ops en help to (re)formulate this document
- Identifying improvements or create additional IT Infrastructure Specification Document (Including Security)