30 Sep
Software Security Architect
Vacancy expired!
- Lead software security program strategy based on business needs
- Evangelize the adoption of secure software development lifecycle methodology across enterprise
- Manage implementation and adoption of centralized application security services.
- Lead the assessment, metrics, and reporting of software security risk across IPG’s application portfolio
- Chair the global software security working group
- Act as primary point of contact for software security questions and mentoring for security champions
- Engage with third party venders to deliver software security tools and services
- Strong knowledge of or the ability & interest to learn common software risks (such as OWASP top 10)
- Familiarity with threat modeling, software composition analysis, and vulnerability disclosure programs
- Bachelor of Science in Computer Information Systems, Computer Science, Information Systems Management, related field or equivalent work experience
- 6+ years of combined hands-on experience in software development, application engineering, and hosted applications.
- Information Security certification or equivalent desired
- Knowledge of NIST-800 and Cloud Information Security (CIS).Strong understanding of development methodologies, particularly Agile and DevOps.
- Familiarity with static and dynamic application security, penetration testing and vulnerability assessment tools, such as Veracode, Checkmarx, Burp Suite and WPscan
- Familiarity with API standards and implementation (OAuth, JWT, JWYKey, Public key encryption, OpenId).
- Experience working with development technologies such as Microsoft .NET (C#), ASP.NET/MVC, WCF/Web API/REST, JavaScript frameworks, HTML+CSS3+Javascript.
- Able to explain impact of vulnerabilities and mitigating strategies to application development teams.
- Good oral and written communication skills
Vacancy expired!