Application Architect (Security)

  • Rose Hill, VA
  • Posted 6 days ago | Updated 8 hours ago

Overview

On Site
$Depends on Experience
Accepts corp to corp applications
Contract - Independent
Contract - W2
Contract - 6 month(s)

Skills

security
AWS
Python
LDAP
load balancers

Job Details

Summary

  • The client is looking for an Application Architect with deep experience in application security review and design. The Application Architect should be a subject matter expert in defining app security requirements, performing application security assessments, and providing developer teams with guidance on security best practices.

Job Responsibilities

  • Work independently with application developers, system/network administrators, product owners, and other colleagues to ensure secure design, development, and implementation of applications and networks.
  • Perform security architecture design reviews of Client developed applications
  • Perform code analysis of large applications, manually and using static application security testing (SAST) and dynamic application security testing (DAST) scanning solutions as well as conducting manual vulnerability analysis.
  • Provide remediation guidance and recommendations to developers and administrators.
  • Work with Application Development teams to help prioritize and validate urgency of mitigation of identified product vulnerabilities and security feature enhancement requests
  • Create security best practices and standards and ensure Application Development teams understand them and receive pertinent annual secure coding training

Skills Needed

  • 10+ years of demonstrated industry experience with application development, leadership and application security work
  • Proficiency in reading, writing, and auditing Python, Javascript, Angular, PL/SQL, Oracle Apex low-code and the ability to pick up new languages/technologies
  • Authoritative knowledge of OWASP
  • Strong familiarity with common vulnerabilities and attack vectors
  • Knowledge of web service technologies, load balancer services (i.e.Cloudflare, F5, etc.) and RESTful APIs
  • Knowledge of ubiquitous encryption technologies (PGP, SSH, SSL, etc.) and common authentication protocols (OAUTH, SAML, LDAP, etc.)
  • Solid understanding of secure network and system design in both cloud (AWS) and conventional environments
  • The ability to communicate complicated technical issues and the risks they pose to developers, network engineers, system administrators, and management
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.