Application Security Architect - MITS

St. Louis, MO

Posted: 09/21/2018 Job Category: Software Dev. - General/IT Job Number: 138393

Are you looking for a new and challenging opportunity? Do you have experience with application security? Technology Partners can help you make your next big career move a reality.

Technology Partners is currently seeking a talented person for an Application Security Architect position.

What You Will Be Doing:

You will build a collaborative working relationship with Corporate Information Security and Risk, company IT Services, Enterprise Application Services, Business Unit application development and information security teams, and others to develop, promote, and implement sound application security strategies across the company. You will perform duties as the primary resource for business units and functions not having internal application security resources and as a consultative resource for business units and functions having internal application security resources. You will determine application security requirements by evaluating business strategies and requirements against established company security standards, risk assessment methodology, and client requirements. You will research information security standards; conducts application security and vulnerability analyses and risk assessments; researches threats and attack vectors that impact applications. You will perform reviews to identify potential security gaps within the integrated systems of application components, data access dynamics and transaction flow. You will plan, coordinate, and take a leadership role in the design, integration, development, validation, and implementation of specific security policies, systems, and services. You will mentor company IT Services Cyber Security team and other IT staff members to enhance their knowledge of information security concepts, practices, tools, strategies, etc., and to improve the overall effectiveness of the information security program at the company. You will coordinate with company IT Services Technical Training team and/or independently implements and manages training programs for developers on secure code development practices. You will ensure application security program aligns with industry frameworks such as the NIST Cyber Security Framework, ISO27001, FFIEC Cyber Security Framework, PCI, and others as applicable. You will lead security design and application architectural reviews. You will also maintain documentation related to application security including the development of secure coding policies, procedures and standards, and ensures the Software Development Life Cycle (SDLC) used in company entities includes necessary security checkpoints, code review methodologies, etc. You will collaborate with the company IT Services Cyber Security team and business unit application security teams. You will also participate in incident response teams as a subject matter expert on application security.

What We Are Looking For:

  • Minimum of 3+ years in the following security functional areas: application security, authentication and authorization, identity and access management, dynamic application security testing, static application security testing, Middleware security, data security, and/or vulnerability management.

  • 7-10 years development/engineering experience using programming and scripting languages like .NET, C, C#, Perl, Python, Ruby, Java, SAML, web services APIs, etc.

  • Expertise in mitigating and addressing technology or application threat vectors

  • Experience with Web Application Firewalls, reverse proxies, and application security architecture.

  • Solid knowledge and understanding of securing all major web server environments and cloud platforms based on OWASP top ten recommendations

  • Knowledge of regulatory and statutory compliance requirements across industries

  • An Information Security and/or Web application security certification; e.g., SANS GWEB or GWAPT, CSSLP.

  • Must have superior communication (oral, written, presentation) and customer service skills.

It Would Be Great, but Not Required, if You Had:

  • Experience in developing design and architecture documents that are easily consumed and followed by SDLC teams

  • Expertise in building a defense in depth infrastructure security architecture that includes security controls across multiple technology stacks

  • Experience and knowledge of security/access control administration best practices associated with applications, servers and networks associated with Microsoft Active Directory, ADFS, SAML, etc.

  • Knowledge of Information Security compliance requirements including ISO 27001, NIST, PCI, HIPAA and GDPR

  • Bachelor's degree from a four-year college or university or equivalent.

If this position sounds like you, WE SHOULD TALK! We realize our people are our most valuable asset, that is why we offer the following benefits:

  • Health, Dental, and Vision insurance

  • 401(k) retirement plan

  • Long and Short-Term disability

  • Life insurance

  • Direct deposit

  • Referral program

Your better future is ready, and we want to put the right tools in your hands to get you there. Let's go!

Looking for more opportunities with Technology Partners?

Check out

Technology Partners is an Equal Opportunity Employer. Technology Partners does not discriminate on the basis of race, color, religion, sex, national origin, age, disability or any other characteristic protected by applicable state or federal civil rights laws.

Share This Job:

Related Jobs:

Login to save this search and get notified of similar positions.

If I had to sum up our relationship in one word it would be quality. Quality organization, quality employees, and they help us provide a quality product.

Mary Heger, CIO & Vice President of Ameren

Find out how our outsourced helpdesk solutions can make a difference for you today.

Learn More