Encore Talent Solutions
Application Security Development Architect
Encore Talent Solutions, Cincinnati, Ohio, United States, 45208
Overview
Application Security Development Architect Responsibilities
Define security architecture standards and blueprints for web, mobile, cloud, and Application Programming Interface (API)-based applications. Review design documents and perform architecture risk assessments for new and existing applications. Collaborate with DevOps, Engineering, and Infrastructure teams to ensure architectures align with secure design principles. Integrate automated security testing/scanning tools (Static Application Security Testing (SAST), Software Composition Analysis (SCA)) into Continuous Integration (CI) or Continuous Delivery (CD) pipelines. Define and enforce secure coding standards and practices across development teams. Provide training and guidance to developers on secure development principles and vulnerability prevention. Conduct threat modeling and attack surface reviews for high-risk or critical applications. Identify potential security flaws and recommend mitigations early in development process. Track and communicate technical risk to product managers, developers, and leadership teams. Develop and maintain application security policies, baselines, and architecture frameworks. Ensure application security practices align with regulations including General Data Protection Regulation (GDPR) and Payment Card Industry Data Security Standard (PCI-DSS). Support audit and compliance initiatives by providing documentation and evidence of secure development practices. Required Qualifications
Bachelors degree in Information Technology, Cyber Security, Computer Science, or related field is required, along with 2-4 years related experience.
Non-degree considered if 12+ years of related experience along with a high school diploma or GED Preferred Qualifications
5+ years in cybersecurity with at least 3 years in application security or secure software development experience. Secure Software Development Life Cycle (SDLC) in development. Deep knowledge of Open Web Application Security Project (OWASP) Top 10, National Institute of Standards and Technology (NIST), and secure coding frameworks. Experience with Securing Secrets and Service Accounts. Experience with Web Application Firewall (WAF) implementation/support. Familiarity with Identity and Access Management and cloud security practices (AWS, Azure). Certified Information Systems Security Professional (CISSP), Certified Secure Software Lifecycle Professional (CSSLP)?, Certified Ethical Hacker (CEH) certified. Familiarity with container security (Docker, Kubernetes). Experience in Threat Modeling. Understanding of authentication protocols (OAuth and SAML). Experience with DEVSECOPStools and container security tools. Location:
Remote Encore Talent Solutions is an Equal Opportunity Employer. We respect and seek to empower each individual and support the diverse cultures, perspectives, skills, and experiences within our workforce. Additional Details
Seniority level: Mid-Senior level Employment type: Full-time Job function: Not specified Industries: Industrial Machinery Manufacturing Referrals increase your chances of interviewing at Encore Talent Solutions by 2x Get notified about new Application Security Architect jobs in
Cincinnati, OH . #J-18808-Ljbffr
Application Security Development Architect Responsibilities
Define security architecture standards and blueprints for web, mobile, cloud, and Application Programming Interface (API)-based applications. Review design documents and perform architecture risk assessments for new and existing applications. Collaborate with DevOps, Engineering, and Infrastructure teams to ensure architectures align with secure design principles. Integrate automated security testing/scanning tools (Static Application Security Testing (SAST), Software Composition Analysis (SCA)) into Continuous Integration (CI) or Continuous Delivery (CD) pipelines. Define and enforce secure coding standards and practices across development teams. Provide training and guidance to developers on secure development principles and vulnerability prevention. Conduct threat modeling and attack surface reviews for high-risk or critical applications. Identify potential security flaws and recommend mitigations early in development process. Track and communicate technical risk to product managers, developers, and leadership teams. Develop and maintain application security policies, baselines, and architecture frameworks. Ensure application security practices align with regulations including General Data Protection Regulation (GDPR) and Payment Card Industry Data Security Standard (PCI-DSS). Support audit and compliance initiatives by providing documentation and evidence of secure development practices. Required Qualifications
Bachelors degree in Information Technology, Cyber Security, Computer Science, or related field is required, along with 2-4 years related experience.
Non-degree considered if 12+ years of related experience along with a high school diploma or GED Preferred Qualifications
5+ years in cybersecurity with at least 3 years in application security or secure software development experience. Secure Software Development Life Cycle (SDLC) in development. Deep knowledge of Open Web Application Security Project (OWASP) Top 10, National Institute of Standards and Technology (NIST), and secure coding frameworks. Experience with Securing Secrets and Service Accounts. Experience with Web Application Firewall (WAF) implementation/support. Familiarity with Identity and Access Management and cloud security practices (AWS, Azure). Certified Information Systems Security Professional (CISSP), Certified Secure Software Lifecycle Professional (CSSLP)?, Certified Ethical Hacker (CEH) certified. Familiarity with container security (Docker, Kubernetes). Experience in Threat Modeling. Understanding of authentication protocols (OAuth and SAML). Experience with DEVSECOPStools and container security tools. Location:
Remote Encore Talent Solutions is an Equal Opportunity Employer. We respect and seek to empower each individual and support the diverse cultures, perspectives, skills, and experiences within our workforce. Additional Details
Seniority level: Mid-Senior level Employment type: Full-time Job function: Not specified Industries: Industrial Machinery Manufacturing Referrals increase your chances of interviewing at Encore Talent Solutions by 2x Get notified about new Application Security Architect jobs in
Cincinnati, OH . #J-18808-Ljbffr