TechnoGen - Security Architect

Roles & responsibility

- Plan, research and design robust security architectures for any IT project. Determines security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.

- Implements security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing documentation.

- Maintains security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.

- Oversee security awareness programs and educational efforts .Prepares system security reports by collecting, analyzing, and summarizing data and trends.

- Upgrades security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements.

- Implementation of static and dynamic automated security testing tools and their deployment within Continuous Integration systems.

- Respond immediately to security-related incidents and provide a thorough post-event analysis

- Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.

- Knowledge of SAST & DAST tools

- Strong ethics and understanding of ethics in application security

- Understanding and familiarity with common code review methods and standards

- knowledge of OWASP tools and methodologies

- Understanding of HTTP and web programming

- Knowledge of common security requirements within JAVA application

- Knowledge of Secure SDLC practices

- Minimum of 5 years work experience in application security

- Ability to complete tasks and deliver professionally written reports for clients

- Ability to present findings to technical staff and executives

Desired Requirements:

- Possess current security certifications (e.g., CEH, CHFI, OSCP, CISSP)

- Experience with vulnerability scanning tools (e.g., AppScan,Qualys, Nessus, Nexpose, Saint)

- Experience with web application vulnerability scanning tools (e.g., IBM AppScan, HP Webinspect, Accunetix, NTO Spider, Burpsuite Pro)

- Experience with static analysis tools (e.g., IBM Appscan Source, HP Fortify, Checkmarx)

- Experience with high level programming languages (e.g., Java, C, C++, .NET (C#, VB))

- Experience with web application development (e.g., ASP.NET, ASP, PHP, J2EE, JSP)