Application Risk Architect – Financial Services
Locations:
Baltimore, MD; Long Island City, NY; Cincinnati, OH
Compensation
$100-$120K base + bonus
Description:
As a key member of the Information Security Team, the Application Risk Architect has responsibility for ensuring that technology risk considerations are identified and adequately addressed regarding new application development and modification. In addition to promoting best practices and secure application development, the Application Risk Architect will also be responsible for addressing specific company requirements for compliance with corporate IT policies, procedures and guidelines.
Working with system developers she/he will: ensure proper technology risk considerations are addressed at each phase of the system development life cycle and provide proactive solutions to correct exposures or mitigate risk; balance level of risk with business requirements to provide optimal solution; interface with the other Info Security Technology organizations, provide mentoring to more junior info security professionals, and keep abreast of new threats and vulnerabilities to systems and the industry to provide proactive solutions.
The Application Risk Architect will be accountable for researching, designing, engineering information security solutions (software & hardware) and utilizing in-depth technical knowledge and business requirements to meet customer / client needs while protecting the Bank's assets.
The Application Risk Architect will develop and interpret security standards, procedures, and guidelines for multiple platforms and diverse environments (e.g. client server, distributed, mainframe, etc.) in designing solutions, recommending enhancements or defining mitigating controls to existing systems. The individual should demonstrate a passion for and deep understanding of application security and software quality assurance and will exercise judgment within existing practices and policies to select methods, techniques, and evaluation criterion for obtaining results.
Qualifications:
Proficient in understanding business requirements and in all areas of technology risk. Strong technical, interpersonal, and communication skills are required. Hands on system/security administration and or system development background with at least two of the following platforms - mainframe, wintel, unix, or network is required. Must be a self-starter with proven experience working with minimal supervision but also demonstrate a strong commitment to team participation.
Security background must include experience in advising, instructing, mentoring and documenting security best practices. Proven leadership skills and ability to work with and influence developers, development managers, technology peers, and business contacts. Must have a good understanding of application security and development processes and proven ability to identify security threats and learn new areas quickly and to work with subject matter experts in the Bank to create new security standards and solutions. Other qualifications include: ability to present ideas to Info Security management and other stakeholders and research new areas or products.
Must have a minimum of 6 years in a systems architecture or application development experience in a technology risk/information security role. Masters Degree or equivalent work experience. CISSP desired.
If you are interested in this opportunity please send your resume in Word, a brief message describing your background and your contact information to Jeff AT altaassociates.com.
