We are currently looking for an Enterprise Architect with experience of Application Security, to join an existing team with one of our financial services clients.
This will be working in a large-scale Cyber Security Programme covering a complex portfolio of delivery that ranges from ensuring a secure perimeter around legacy environments, bridging new cloud technologies with more traditional IT and driving Cyber innovation and education.
The role will be working in a fast-paced environment, taking ownership for the requirements' analysis, process design and solution design for a work package, initiative or component of a larger project or product, to realise customer value through excellence and execution. Working with the Product Owner or Project Manager to identify and understand the business need, analyse and prioritise the requirements, through to assessing, designing, testing and implementing agreed solutions.
Skills Required
- Excellent Application Security knowledge, skills & experience based on having worked in a regulated industry.
- Good knowledge of industry standard Application Security frameworks (e.g. OWASP, ISF, NCSC) and how these can be applied to develop robust & workable solutions, from the strategy level down to low level requirements.
- Experience of developing baseline App Sec requirements as part of the SDLC to provide the ‘how’ in relation to higher level policies/ standards and to enable application teams to securely build, procure, operate and maintain applications throughout their lifecycle. Includes experience of embedding Security requirements into relevant artefacts and processes.
- Good understanding of the security controls required for development pipelines, environments & data.
- Experience of developing processes & procedures to incentivise/ manage engineering partners to deliver security as quality.