Hi Everyone,
Hope you are doing great,
We have an immediate opportunity for ‘*Security Architect/SW
Architect-Security, at Denver, CO.* Below is the job description and if
you’d like to pursue this
Requirement, please include a word copy of your latest resume along with a
daytime phone number and rate in your response.
*Send resumes to s...@nytpartners.com <s...@nytpartners.com>*
*Job Role: Security Architect/SW Architect-Security*
*Location: Denver, CO*
*Duration: 9+ Months*
*Security Architect/SW Architect-Security*
*Data Compliance Lead*
- The Data Compliance Lead’s role is to ensure the secure operation of
the in-house systems, servers, and network connections in accordance with
internal processes, procedures, and compliance requirements as well as
Federal, State and Local laws. Tasks also includes conducting regularly
scheduled audits on internal systems and hosting third-party and/or Cloud
audits as required in order to maintain certifications and compliance
certificates. The data compliance lead also develops implements, maintains,
and oversees remediation and enforcement of internal security policies and
procedures.
*Top 3 Must Have Skills:*
- Data Compliance Lead is responsible for designing, publishing and
reviewing technology designs, security controls and solutions to reduce the
risk of unauthorized access, transmission and storage of confidential Ex:
IRS 1075, IRS Pub 1075, TOP, SSA, DHS, and PII and FTI data.
- Partner with security architects, other functional-area architecture,
engineering, and security specialists to ensure adequate security solutions
and controls are in place throughout the IT systems and platforms to
mitigate identified risks sufficiently, and to meet business objectives and
regulatory requirements Provide expert-level guidance to security analysts,
testers, and development teams during application security assessments.
Must be able to identify, re-create, and remediate security defects
- Other Desired Skills
- As and an expert/lead technical will define the information security
architecture and design for the application.
- Providing training for development and QA teams on how to implement
Secure Software Development Life Cycle S-SDLC into their existing practices
In-depth knowledge on common web application security flaws and secure
coding practices and the ability to clearly explain security issues to
project and development staff Ability to prioritize and track security
issues and work with the necessary teams to ensure remediation Serve as a
leader by promoting security awareness, mentoring other team members, and
staying up-to-date on current development methodologies (Agile/DevOps)
Understand HTTP, REST, SOAP, XML and JSON as it relates to APIs and AJAX,
Experience using and compliance testing REST and/or SOAP APIs Understanding
of AWS, Azure, and other cloud solutions, security issues and Security
controls in those environments
*Desired knowledge and experience includes*
- 7+ years in Information Security space
- 5+ years in enterprise software development
- Strong development background with prominent web or mobile development
languages and frameworks, provide security remediation advice to
development and testing teams; Strong experience with Threat Modeling in an
enterprise, not just theoretical Strong oral, written, and presentation
abilities -able to convey risk to all levels of the business, from C-level
executives to operations and development teams Strong understanding of web
applications and architectures, relational and non-relational databases,
and hardware architectures, and effectively applying the principles of
information security to IT environments Strong experience working in a
multi-platform, multi-protocol, distributed enterprise computing
environment Experience with Unix/Linux and Windows system administration
Some understanding of governance frameworks such as ITIL and ISO 27001;
Some project management experience: Able to assess needs, define
objectives, identify resources needed to achieve objectives and begin
implementation towards goal completion; Must be able to work effectively
alone and as part of a larger project team.
- Current understanding of Industry trends and emerging threats
Estimated Duration 04/03/2017 - 01/03/2018
*Qualifications:*
*Type Qualification Description
Competency Experience
Required *
- Skills AGILE - Agile Development Methodology
Advanced
- Skills AJAX
Proficient
- Skills Apache
Advanced
- Skills CISSP (security)
Advanced
- Skills Communication skills both verbal and
written Advanced
- Skills EJB
Proficient
- Skills EMC Cloud Architect (cloud)
Novice
- Skills GSEC (security)
Advanced
- Skills Integration planning and strategy
Proficient
- Skills Java
Proficient
- Skills JSON
Proficient
- Skills Oracle 12c
Proficient
- Skills Security+
Advanced
- Skills SOAP
Proficient
- Skills XML
Proficient
Thanks and Regards
Sam
New York Technology Partners – Rochester
332 Jefferson Rd.
Rochester, NY 14623
T1: (201) 680-0200 x 7026
Fax: (201) 474-8533
8 s...@nytpartners.com
8 www.nytp.com
--
--
To unsubscribe from this group, send email to
cbe-software-engineer-unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/CBE-Software-Engineer?hl=en
---
You received this message because you are subscribed to the Google Groups "CBE
Software Engineer" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cbe-software-engineer+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
