reaas Technology Solutions - Application Security Architect

Application Security Architect

As an Application Security Architect, you will be responsible for designing, implementing, and maintaining security solutions to protect our organization's applications and data from cyber threats. You will collaborate with cross-functional teams to integrate security best practices into the software development lifecycle and ensure compliance with industry standards and regulations.

Key Responsibilities:

- Design and implement secure architecture and controls for applications, APIs, and microservices, considering factors such as confidentiality, integrity, and availability.

- Conduct security assessments and code reviews to identify vulnerabilities and recommend remediation strategies.

- Develop and maintain security policies, standards, and guidelines to ensure consistent application of security controls across the organization.

- Collaborate with development teams to integrate security into the software development lifecycle, including requirements analysis, design review, and threat modeling.

- Implement and manage security tools and technologies, such as Web Application Firewalls (WAF), Static Application Security Testing (SAST), and Dynamic Application Security Testing (DAST).

- Provide technical leadership and guidance on security best practices to internal teams and external partners.

- Stay current with emerging threats and vulnerabilities, industry trends, and best practices in application security.

- Participate in incident response activities, including security incident investigation, analysis, and resolution.

Qualifications:

- Bachelor's degree in Computer Science, Information Security.

- 10 plus years of experience in application security architecture, design, and implementation.

- Strong understanding of web application security principles, including OWASP Top 10 vulnerabilities and common attack vectors.

- Hands on experience with security tools and technologies, such as WAF, SAST, DAST, and vulnerability management platforms.

- Proficiency in programming languages such as Java, C#, or Python, with the ability to review and analyze code for security vulnerabilities.

- Experience with cloud security architecture and best practices, particularly in AWS, Azure, or Google Cloud Platform.

- Excellent communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and communicate complex security concepts to technical and non-technical audience