Пропустити навігацію EPAM

Application Security Architect Remote

Application Security Architect Description

Job #: 74573
Striving for excellence is in our DNA. Since 1993, we have been helping the world’s leading companies imagine, design, engineer, and deliver software and digital experiences that change the world. We are more than just specialists, we are experts.

EPAM is committed to providing our global team of 50,700+ EPAMers with inspiring careers from day one. EPAMers lead with passion and honesty and think creatively. Our people are the source of our success and we value collaboration, try to always understand our customers’ business, and strive for the highest standards of excellence. In today’s new market conditions, we continue to support operations for hundreds of clients around the world remotely, with the vast majority of our teams working from home. No matter where you are located, you’ll join a dedicated, diverse community that will help you discover your fullest potential.

DESCRIPTION


Mission: Our teams of consultants, designers, architects and engineers who enable our customers to be competitive and disruptive in the marketplace through innovative technology solutions while helping them to navigate successfully through multiple waves of technology change.

If you’re looking for dynamic career in large company that still has the start-up mindset, experience fast professional growth deeply connected to technology EPAM will be the ideal place for you to shine.

EPAM is looking for an Application Security Architect to join the Security practice to work directly with our biggest enterprise customers.

Responsibilities

  • Lead and coordinate Security Audits across the software development lifecycle: from Architecture, Process, Risk to Testing
  • Establish secure software development lifecycle (SSDLC) programs
  • Support software development teams in secure development methodologies, tools, and processes
  • Train Software Development teams in the areas of secure development
  • Building Secure Architecture and Design for the projects
  • Communicate with customers and teams, be able to convey the message about importance of Secure Software development Life Cycle, the ways of establishing it
  • Cooperate with all sub-teams: BAs, Developers, QAs; build consistent understanding of Security Requirements, main Threats, Mitigations implemented
  • Be able to communicate and coordinate work with other Security Teams – Cloud Security Engineers, Infrastructure Security Engineers or Penetration Testers

Requirements

  • Software Development or Security-focused university degree OR equivalent experience
  • Motivation to develop and grow in the field of Security
  • Familiarity in one or more Security Development methodologies (e.g. Microsoft SDL, OWASP OpenSAMM, BSIMM etc)
  • Familiarity of security threats and attack scenario, such as OWASP Top 10, Mitre Att@ck framework
  • Familiarity with Threat Modeling, hands-on experience with one or more Threat Modeling Tools
  • Familiarity with the one or more tools in the following categories: Static Code Analysis, Static / Dynamic Application Security Testing, Penetration Testing, Intrusion Detection/ Prevention
  • Understanding of main Security-related activities in development such as Security Requirements gathering, Risk Assessment, Security Code Review
  • Familiarity with of security threat, their implementation and their classification
  • Understanding of main security concepts and principles
  • Understanding of main areas of protection and levels of defense

Nice to have

  • Knowledge of Security Features and Mechanisms provided by at least one OS and development platform/technologies
  • Understanding of mitigation mechanisms of threats
  • Familiarity of DevOps principles: CI/CD, test automation, shift-left security and shared responsibility models
  • Familiarity with existing security standards and regulations experience of requirements implementation
  • Understanding of basic principles of infrastructure security and penetration testing
  • Experience with cloud security controls and policies
  • Relevant certifications such as CISSP, CCSP, SANS GIAC or similar qualifications are a considered an advantage

We offer

  • Extended opportunity to grow professionally in a cross-cultural environment
  • Access to various on-line courses from leading provider
  • Access to engineering communities on a global scale
  • Unlimited access to LinkedIn learning solutions
  • Social benefits in line with local legislation
  • Health insurance and meal vouchers programs
  • Special discount program for EPAMers with providers across Malaga and in other cities around the world
  • Regular team collaboration events
  • Office in a good location with easy access
  • Referral bonuses
  • Relocation support (for people from other countries)

ПРИВІТ! ЯК МИ МОЖЕМО ВАМ ДОПОМОГТИ?

НАШІ ОФІСИ