Sensus
Xylem (XYL) is a leading global water technology company committed to developing innovative technology solutions to the worlds water challenges. The Companys products and services move, treat, analyze, monitor and return water to the environment in public utility, industrial, residential and commercial building services settings. Xylem also provides a leading portfolio of smart metering, network technologies and advanced infrastructure analytics solutions for water, electric and gas utilities. The Companys more than 16,500 employees bring broad applications expertise with a strong focus on identifying comprehensive, sustainable solutions. Headquartered in Rye Brook, New York with 2017 revenue of $4.7 billion, Xylem does business in more than 150 countries through a number of market-leading product brands.
The Role: As a member of the Global Security Technologies team, the Sr. Application Security Architect is responsible for leading the development and implementation of security architecture across Sensus technology platforms. This position will work across software development teams to identify component and system-level technical risks, identify and evaluate critical failure points, determine technical security controls to mitigate risks, prioritize and schedule controls with product development timelines, and work with cross-functional teams to implement features according to product maps.
Essential Duties/Principal Responsibilities:
Provides architectural guidance and leadership on best practices regarding security in software development, user interface design frameworks, high-performance messaging solutions, server-side development, integrations, and tools and technologies.
Works with the business, operations, and systems team to identify the right architecture for implementing new solutions, products, and modules. Develop, implement, and maintain product security strategy for the entire product portfolio covering IoT, SmartGrid suites.
Contribute to the development and evolution of the application and infrastructure security reference architecture. Develop, implement, and maintain the security architecture for Sensus product portfolio.
Risk analysis, risk management, and communication of results with software/hardware development managers.
Champion the Sensus security SDLC. This includes security testing, penetration testing, identifying and fixing vulnerabilities in software and applications on all Sensus products.
Perform vulnerability research, assessment, and management; serve as technical security/risk advisor on all new technology developed by Sensus.
Perform threat modeling, static application security testing, code reviews, and secure design reviews for high-risk applications.
Determine testing requirements and strategies; automate security testing using a variety of scripting and open-source tools.
Implement or manage the implementation of common application security controls, ensuring that practices meet software certification processes.
Assist developers in remediating vulnerability findings by providing line-by-line guidance.
Provide training and education to developers on software security best practices.
Ability to present complex security topics to a wide range of internal and external audiences (engineers to executives).
Assist customer operations with secure deployment of Sensus products.
Expert level operational support for security escalations from customers.
Minimum Qualifications: Education, Experience, Skills, Abilities, License/Certification:
BSCS or equivalent with 14 years experience.
Demonstrated expertise in product/application security architecture Service oriented architecture (SOA), Network security, application security, web services, Angular, JavaScript.
Deep technical experience in Security/Identity Management including SSO, LDAP, and Provisioning.
Strong Programming knowledge Java, C#.
Strong software development skills Agile, waterfall.
Strong operating systems knowledge Windows (all flavors), Red Hat Linux, Debian Linux.
Security audit, Vulnerability assessment, and packet analysis skills.
Scripting knowledge Linux scripting (bash), Windows scripting, Python or Perl.
Encryption expertise, HSM (Hardware Security Modules).
Database knowledge Postgres, MSSql, Oracle, Hadoop.
Strong project planning and execution skills.
Good analytical and debugging skills; creative ability, good organizational skills.
Self-motivated; ability to work under general supervision; receptive and supportive of team efforts.
Excellent written & oral communication skills and coordination with peers, end-users, and management.
Preferred: expertise in either Cloud computing security and/or Big data security.
Preferred: forensic analysis skills.
Additional Information:
Physical Demands:
Light lifting (20-25 lbs.), office environment.
Regularly required to sit or stand, reach, bend, and move about the facility.
Work Environment:
Office: Standard office equipment; work usually performed in an office setting free from any disagreeable elements.
Standard weekly job hours: 40 hours.
EOE/Females/Minorities/Protected Veterans/Disabled
#J-18808-Ljbffr