Application Security Architect Job Description

An application security architect provides consulting and security guidance on emerging threats, vulnerabilities, and security practices that may affect the security posture of the customer's environment.

Application Security Architect Duties & Responsibilities

To write an effective application security architect job description, begin by listing detailed duties, responsibilities and expectations. We have included application security architect job description templates that you can modify and use.

Sample responsibilities for this position include:

Maintain an in-depth knowledge of platforms and technologies such as J2EE, .NET and API management in order to provide interoperability solutions
Collaborate with architecture community to align Security technology roadmap with enterprise technology strategies
Define digital application security architecture based on enterprise reference architecture
Maintain an in-depth understanding of the security standards and technologies
Research future security technologies and related features & functions and provide migration roadmap for applications
Identify and recommend new cost effective application security development solutions to meet/exceed business objectives
Define/Maintain digital application security design, development and deployment guidelines and standards
Define security runtime products and development tooling migration strategy and guidelines for digital applications
Conduct periodic Technology Health Check
Conduct periodic Technology currency reviews

Application Security Architect Qualifications

Qualifications for a job description may include education, certification, and experience.

Licensing or Certifications for Application Security Architect

List any licenses or certifications required by the position: CISSP, CSSLP, PCI, CISM, OCSP, CRISC, CGFM, CPA, CIA, CISA

Education for Application Security Architect

Typically a job would require a certain level of education.

Employers hiring for the application security architect job most commonly prefer candidates with a relevant degree, such as a Bachelor's and Master's Degree in Computer Science, Engineering, Information Technology, Technical, Information Systems, Information Security, Education, Computer Engineering, Business, Technology.

Skills for Application Security Architect

Desired skills for application security architect include:

Principles
AWS
Web
Azure
Mobile
OWASP
Current and emerging security technologies
ISO
Threats and techniques for exploiting security vulnerabilities
API

Desired experience for application security architect includes:

10 Years of Experience Including Management and Application Security Penetration Testing
Full Understanding of Microsoft Office Products, Windows, Unix, and Linux
Certified Information Security Professional (CISSP) Required
Certified Ethical Hacker (CEH) or Offensive Security Certified Professional (OSCP)
Successfully implement the complete technology solution for projects supporting major, highly complex business applications with complex integration needs across multiple technology disciplines by defining development specifications, technical requirements, system performance objectives and identifying system modifications to meet objectives
Recommend, implement and own end-to-end technology and security design solutions

Application Security Architect Examples

1

Application Security Architect Job Description

Job Description Example
Our growing company is looking to fill the role of application security architect. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for application security architect
  • Ensures web applications, APIs, and cloud services are planned, designed, developed, implemented and monitored in accordance with security policies and to meet compliance requirements
  • Define strategies to implement the enterprise architecture design into the Financial Services applications
  • Act as a key liaison between upper-level management, programmers, risk assessment staff and auditors
  • Test final security structures and services to ensure they behave as expected
  • Provide technical supervision for (and/or guidance to) a security team
  • Champion secure development practices and lead implementation of fixing security issues
  • Develop and manage an Application Security Program
  • Helping define security standards for a growing global company with over 18,000 global employees
  • We believe that folks with great attitudes and a hunger to learn are more valuable than having all the latest certifications
  • Assess PeopleSoft, OIAM, OBIEE
Qualifications for application security architect
  • Identify gaps in current standards and services and negotiate enterprise vs
  • Manage multiple assignments simultaneously, while working independently and with other designers and subject matter experts
  • Review and present solutions to the Engineering Board representing the Line of Business
  • Work with vendors to develop proofs of concept and develop solutions from conception to implementation
  • Solid understanding of the major global regulators and regulatory, legislative and legal requirements (MAS, FINMA, OCC)
  • Expert understanding of current industry and risk technology trends
2

Application Security Architect Job Description

Job Description Example
Our growing company is searching for experienced candidates for the position of application security architect. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for application security architect
  • Work with a small project team as a hands-on leader
  • The Architect also develops methodology and best practices with the national Infrastructure and Operations (I&O) practice team, and actively leads and participates in I&O business development opportunities
  • Contribute to business development process at an existing client, emerging technology
  • Promote thought leadership in emerging technologies
  • Conduct vulnerability testing for systems, networks, and applications
  • Become an expert and gain real-life experience in information security
  • Wide range of opportunities for personal development and professional experience
  • Be part of an organization with many experienced professionals in the area of IT security
  • Document necessary security controls/requirements that should be in place
  • Mentors and develops security staff, business and IT staff in adopting security techniques and security standards
Qualifications for application security architect
  • BS in Computer Science or equivalent, 7 plus years’ experience in security operations and architecture
  • The ability to manage and interact in a matrixed organization is essential
  • Experience with programming languages such as Java, JavaScript, Visual Basic, Visual C++, C, COBOL, Python, Perl
  • Thorough understanding of security risk assessment and/or penetration testing concepts
  • Direct experience with secure application development, application security risk mitigation techniques
  • Effective communicator, capable of effectively translating and presenting complex technical concepts to both technical and non-technical management and customers, through oral presentations and written media (white papers and demonstrations)
3

Application Security Architect Job Description

Job Description Example
Our company is growing rapidly and is searching for experienced candidates for the position of application security architect. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for application security architect
  • Work closely with Global Information Security Officer to ensure alignment between engineering and information security
  • Define the Secure Development Lifecycle (SDLC) standards for the organization and work with the product architects to ensure that the engineering teams are following the standards
  • Participate in application security architectural reviews with each product team
  • Develop secure coding training and education
  • Evaluate new and emerging frameworks and technologies from an application development security perspective
  • The Architect also develops methodology and best practices with the national Security and Infrastructure (S&I) practice team, and actively leads and participates in S&I business development opportunities
  • Application layer design security documents including reference architectures and design blueprints
  • Lead the Threat Modeling program by performing security architecture / application reviews of products and applications
  • Create security use, misuse and abuse cases for products and applications, to help create test plans to ensure adequate protection against threats
  • Define and implement KPIs to effectively measure the program
Qualifications for application security architect
  • Knowledge of various platform technologies including internet, network, distributed systems, desktop computing, voice, and threat management technologies
  • Experienced with enterprise security controls including malware protection, firewalls, intrusion detection systems, content filtering, internet proxies, encryption controls, and log management solutions
  • Strong understanding of attacker methods, kill chain disruption
  • 5+ years of experience in an information security
  • A strong understanding of cloud (preferably Azure), big data technologies and internet
  • Experience managing the security of an application on a cloud platform such as Azure
4

Application Security Architect Job Description

Job Description Example
Our company is growing rapidly and is looking for an application security architect. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for application security architect
  • Assist project teams in implementing security measures to meet corporate policies and external regulations
  • Mentor other Security Analysts in performing threat modeling and risk assessments
  • Provide technical expertise and resolution for Threat Modeling and Risk Assessments
  • Establish a strategic security architecture vision, including standards and frameworks that are aligned with overall business and IT strategies, and the enterprise architecture
  • Provides project consulting, evaluating proposed solutions including vendor products for information security risks and recommending alternative solutions or compensating controls
  • Integrates security into the development process
  • Develops and delivers training around secure development lifecycle and secure coding practices
  • Participates in the development of information security strategies, roadmaps, policies and standards
  • Leads the design, configuration and integration of enterprise security solutions
  • Reviews existing architecture, identifying design gaps, and recommends security enhancements
Qualifications for application security architect
  • Experience implementing, managing or governing security technologies, including encryption, mobile application security, network security, intrusion detection and digital forensics
  • Experience developing security domain architectures and standards
  • Experience in assessing security risks
  • Direct management of cross-functional, sourced, or matrixed teams
  • Security certifications (CISSP, GISP, GSEC, CEH)
  • Experience with application security component development
5

Application Security Architect Job Description

Job Description Example
Our company is searching for experienced candidates for the position of application security architect. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for application security architect
  • Participates in solution architecture design
  • Achieves security architecture compliance on relevant regulatory requirements including Sarbanes-Oxley, PCI-DSS, HIPAA/HITECH, and data privacy requirements when applicable
  • Serves as information security subject matter expert
  • Understands current emerging security threats and designs security architecture to mitigate threats where possible
  • Stays abreast of new security technologies and integrates into security architecture designs when appropriate
  • Troubleshoots and assists with investigation and resolution of application security incidents
  • Assists in determining security requirements by evaluating business strategies and requirements
  • Participates in the plan and design of security systems by evaluating and applying world class application security frameworks and technologies
  • Implements security systems by specifying intrusion detection methodologies and software
  • Upgrades security systems by monitoring security environment
Qualifications for application security architect
  • Experience with Azure and/or Cloudera
  • Support internal customers with applying security during software development in existing solutions
  • Security certifications are desirable, CISSP, CSSLP, CEH
  • Retail, financial, healthcare payment transaction processing software vulnerabilities and authentication testing
  • Experience with providing application security for financial institutions
  • Soft skills - effective communication (internal, customer, legal counsel), collaboration (internal, external) and effective written skills (white papers, vulnerability specifications)
