Lamwork
APPLICATION SECURITY ARCHITECT RESUME EXAMPLE
Updated: July 26, 2024 - The Application Security Architect designs and implements robust security measures for products and services, ensuring compliance with internal policies and external regulations. They lead security architecture reviews, drive innovation in security practices, and coach development teams to enhance their security expertise. Operating in a dynamic environment, they manage multiple priorities to safeguard Merck's digital assets effectively.
Tips for Application Security Architect Skills and Responsibilities on a Resume 2. Application Security Architect, Pioneer IT Services Ltd., San Antonio, TX Job Summary:
Conducts evaluations and testing of application security in all Mathematica systems
Supports operations of vulnerability management and remediation
Troubleshoots escalated application security service desk tickets
Performs incident response and the remediation or mitigation of security incidents
Explains application vulnerability report items to development staff
Stays up to date on application security issues
Creates Threat Models of web applications
Develops and maintains applications to monitor security of Mathematica systems
Understands security of applications running on cloud infrastructure (Amazon Web Services (AWS), Azure, or other SaaS or PaaS, etc.)
Understands CI/CD pipelines like Jenkins and how they fit into a DevSecOps model
Skills on Resume:
Application Security Testing (Hard Skills)
Vulnerability Management and Remediation (Hard Skills)
Troubleshooting Skills (Hard Skills)
Incident Response (Hard Skills)
Communication and Collaboration (Soft Skills)
Threat Modeling (Hard Skills)
Security Monitoring and Automation (Hard Skills)
3. Application Security Architect, Fortress IT Solutions Corp., Detroit, MI Job Summary:
Drive cloud security engineering conversations representing product teams and aligning with VP of Security and customers
Actively assess existing product architecture, identifying security issues and prioritizing fixes.
Engineer and implement new Cloud security tools that tie into a DevSecOps processes.
Work with governance, compliance, and risk management teams to ensure software products and its AWS or Azure environment consistently meets the compliance requirements for certification.
Work with the Cloud Operations teams and product teams in the definition and implementation of security standards and best practices.
Design and build an API Gateway to prevent exposure of functional endpoints
Integrate the API Gateway to downstream authentication and authorization systems
Provide a global API Gateway solution and associated runbooks
Evangelize an API First mentality
Work with application experts to reimagine the architecture with cloud, security in mind
Skills on Resume:
Cloud Security Engineering (Hard Skills)
Architecture Assessment (Hard Skills)
DevSecOps Implementation (Hard Skills)
Compliance and Risk Management (Hard Skills)
Security Standards and Best Practices (Hard Skills)
API Gateway Design and Implementation (Hard Skills)
Authentication and Authorization Integration (Hard Skills)
Evangelizing API First Mentality (Soft Skills)
4. Application Security Architect, NextGen Security Inc., Indianapolis, IN Job Summary:
Assist in breaking down monoliths to microservices
Integrate secrets management to prevent the exposure of credentials
Utilize tools such Veracode to promote writing secure code and static analysis
Design and produce sequence diagrams for user management, authentication, and authorization scenarios
Implement single-sign-on and multi-factor authentication
Work with container platform experts to integrate container image scanning
Improve devops pipeline with automated security testing
Provide mentorship to other IT engineers, analyst and administrators
Provide regular status reporting to key stakeholders on the overall cloud security, including plan execution and risk identification, prioritization and triage.
Assist with build vs buy decisions and how to break down the pros and cons of various options.
Stay up to date on initiatives across the industry and the enterprises to help leadership effectively prioritize.
Skills on Resume:
Secrets Management (Hard Skills)
Security Code Analysis (Hard Skills)
Sequence Diagram Design (Hard Skills)
Authentication and Authorization (Hard Skills)
Container Security (Hard Skills)
DevOps Automation (Hard Skills)
Mentorship and Communication (Soft Skills)
5. Application Security Architect, Silicon Defense Ltd., Mountain View, CA Job Summary:
Advises IT and Security leaders in evolving Tech Data’s security strategies, technologies and processes.
Responsible for security architectures and effectiveness as security-by-design
Design security solutions, plan and implement security technologies
Perform risk assessments of internal services and 3rd parties, drive remediation and improvements
Matures the ISMS, security policies, standards and procedures, performs MandA due diligence
Prepares and delivers security trainings to IT and Business colleagues
Manage automated secure coding tools and processes (SAST, DAST,IAST)
Produce security reports pertaining to application security vulnerabilities.
Build, maintain, and enforce application security development policies, proceduresand standards
Maintain current knowledge of security threats and vulnerabilities that could impact products and technology stack components, and help product teams identify solutions that meet security requirements.
Provide subject matter expertise on secure design and coding practices, assist in building and rolling out related guidelines and standards, perform manual source code reviews for high risk components
Build secure code library (security code snippets, common libraries, cryptographic libraries)
Evaluate and operationalize security tools by integrating with the development environment and commit/build pipelines
Review security test results from vulnerability scans, penetration testing for true positives and propose appropriate remediation measures or mitigation controls.
Skills on Resume:
Security Strategy Advisory (Soft Skills)
Security Architecture Design (Hard Skills)
Security Solution Planning and Implementation (Hard Skills)
Risk Assessment and Remediation (Hard Skills)
Information Security Management System (ISMS) Development (Hard Skills)
Security Training Delivery (Soft Skills)
Management of Automated Secure Coding Tools (Hard Skills)
Security Reporting and Analysis (Hard Skills)
6. Application Security Architect, Protech Solutions Corp., Los Angeles, CA Job Summary:
Design and develop in-depth security architecture and perform threat modelling for products and services of Merck.
Define secure system development lifecycle and product security maturity model.
Develop security controls and processes for products/services developed and deployed in cloud and on-promise.
Define coding standards across application and data security
Define a standardized set of security requirements, and align with internal Merck policies and meet external compliance/regulatory requirements like GxP, GDPR etc.
Lead the reviews of the security architecture defined and application designs, and review audit source codes.
Stay relevant and lead innovation in application security best practices.
Coach the application development teams on secure system development lifecycle and security best practices to upskill the security expertise of application developers.
Work in a dynamic environment and handle multiple priorities.
Skills on Resume:
Security Architecture Design (Hard Skills)
Threat Modeling (Hard Skills)
Secure System Development Lifecycle (SDLC) (Hard Skills)
Product Security Maturity Model (Hard Skills)
Cloud and On-Premise Security (Hard Skills)
Coding Standards and Security Best Practices (Hard Skills)
Compliance and Regulatory Alignment (Hard Skills)
Innovation and Leadership (Soft Skills)
7. Application Security Architect, Gatekeeper Security Ltd., Portland, OR Job Summary:
Application security analysis, including code and architecture review, analysis of data flows, and penetration testing
Consulting with engineering teams on the design, development, and operation of the Mindstrong service
Acting as a security liaison between Engineering and the company
Building tools to automate and integrate application security testing and assurance
Functioning as an internal advocate and resource on secure software engineering and application security practices
Identifying security-focused metrics for collection and analysis
Launching Mindstrong’s vulnerability disclosure and bug bounty programs
Providing specific risk assessment and remediation guidelines
Helping handle and triage findings from security tools, including static and dynamic scanners
Skills on Resume:
Application Security Analysis (Hard Skills)
Consultation with Engineering Teams (Soft Skills)
Security Liaison Role (Soft Skills)
Tool Development and Automation (Hard Skills)
Internal Advocacy for Secure Software Engineering (Soft Skills)
Metric Identification and Analysis (Hard Skills)
Vulnerability Disclosure and Bug Bounty Programs (Soft Skills)
Risk Assessment and Remediation Guidance (Hard Skills)
8. Application Security Architect, SafeNet LLC, Kansas City, MO Job Summary:
Operationalize a robust cybersecurity program focusing on the cloud application side of the IoT conversation.
Report to the Product Security Lead and provide support for all areas of product cybersecurity including secure by design strategies, risk management, testing, training, and product incident response.
Implement and improve a strong product cybersecurity program
Advise product development teams regarding security principles, secure architecture, the implementation of cybersecurity controls, the design and coding of security-related features, and the secure delivery and deployment of applications.
Hands on application security assessments including use of static, dynamic and interactive tools
Use and integrate into CI/CD pipeline commercial and open source tools to achieve security goals
Perform vulnerability triage to prioritize issues, eliminate false positive, articulate issues to developers and provide the best practices and governance for remediation
Assist with security testing of products, including internal penetration testing and working with third-party security assessment and pen testing companies.
Collaborate with and train developers and infrastructure teams to remediate vulnerabilities and develop best practices
Responds to product security questionnaires and key contributor to PSIRTs
Identify new and emerging security tools and practices for implementation
Participate in ISAOs (Information Sharing and Analysis Organizations) and H-ISAC
To fulfill this role, a regular cadence of study in cybersecurity and attendance at conferences
Skills on Resume:
Cybersecurity Program Operationalization (Hard Skills)
Product Security Expertise (Hard Skills)
Program Improvement (Soft Skills)
Security Advisory and Guidance (Soft Skills)
Application Security Assessment (Hard Skills)
CI/CD Integration (Hard Skills)
Vulnerability Management (Hard Skills)
Collaboration and Training (Soft Skills)
9. Application Security Architect, CyberSecure Corp., Austin, TX Job Summary:
Working in a rapidly moving microservices ecosystem that supports a wide variety of languages and build tooling.
Driving the adoption of these security tools and techniques into all development teams.
Work effectively, not just within own team but also with other development teams both locally and in other timezones
Partner with application service teams to develop and implement application security standards, patterns and guidelines that support ongoing deliveries and balance risk and business benefit;
Collaborate on development of secure solutions, patterns and frameworks to address security risks and threats
Embed secure-by-design and secure-by-default into standard working practices and technologies
Continuously review the design and effectiveness of application security controls and develop a program of continuous security improvement relating to SDLC
Support and grow the maturity of application security and architecture through partnerships on Workday key business deliverables.
Improve in-house security tooling and solutions
Educate, and support Workday to understand the changing application security threat landscape.
Stay ahead of industry technology and business trends. Actively drives product technology and engineering process innovation to help Workday be a leader in Security
Skills on Resume:
Proficiency in Microservices Ecosystem (Hard Skills)
Application Security Expertise (Hard Skills)
Security Standards Development (Hard Skills)
Secure Solution Development (Hard Skills)
Security Integration (Hard Skills)
Continuous Security Improvement (Hard Skills)
Innovation and Education (Soft Skills)
10. Application Security Architect, Quantum Secure Inc., Omaha, NE Job Summary:
Help the broader Security Engineering team to define and integrate Security Architecture standards for the rest of the organization.
Know this can’t be done in a bubble and are ready to roll sleeves and work with Engineering peers.
Have consultation and education for Phreesia Engineering.
Help educate and provide answers to sometimes challenging security questions.
Build (both visually and via documentation) threat models and work to standardize the process across Phreesia
Become intimately involved in helping to design a large-scale transition Phreesia is undertaking to CI/CD pipelines and help design to security best practices on container release platforms.
Review most critical applications and technology stack from the ground up.
Familiar with things like GitOps, Container Release infrastructure, Kubernetes, and container ecosystems (yes, all the pieces around K8s) at least conceptually and help understand and define point controls.
Dig into code to seek deep understanding.
Help to perform risk analysis of new and current build projects
Skills on Resume:
Security Architecture Standards Development (Hard Skills)
Collaboration and Teamwork (Soft Skills)
Consultation and Education (Soft Skills)
Problem-solving and Communication (Soft Skills)
Threat Modeling (Hard Skills)
CI/CD Pipeline Security (Hard Skills)
Technical Proficiency and Code Analysis (Hard Skills)
#J-18808-Ljbffr
Updated: July 26, 2024 - The Application Security Architect designs and implements robust security measures for products and services, ensuring compliance with internal policies and external regulations. They lead security architecture reviews, drive innovation in security practices, and coach development teams to enhance their security expertise. Operating in a dynamic environment, they manage multiple priorities to safeguard Merck's digital assets effectively.
Tips for Application Security Architect Skills and Responsibilities on a Resume 2. Application Security Architect, Pioneer IT Services Ltd., San Antonio, TX Job Summary:
Conducts evaluations and testing of application security in all Mathematica systems
Supports operations of vulnerability management and remediation
Troubleshoots escalated application security service desk tickets
Performs incident response and the remediation or mitigation of security incidents
Explains application vulnerability report items to development staff
Stays up to date on application security issues
Creates Threat Models of web applications
Develops and maintains applications to monitor security of Mathematica systems
Understands security of applications running on cloud infrastructure (Amazon Web Services (AWS), Azure, or other SaaS or PaaS, etc.)
Understands CI/CD pipelines like Jenkins and how they fit into a DevSecOps model
Skills on Resume:
Application Security Testing (Hard Skills)
Vulnerability Management and Remediation (Hard Skills)
Troubleshooting Skills (Hard Skills)
Incident Response (Hard Skills)
Communication and Collaboration (Soft Skills)
Threat Modeling (Hard Skills)
Security Monitoring and Automation (Hard Skills)
3. Application Security Architect, Fortress IT Solutions Corp., Detroit, MI Job Summary:
Drive cloud security engineering conversations representing product teams and aligning with VP of Security and customers
Actively assess existing product architecture, identifying security issues and prioritizing fixes.
Engineer and implement new Cloud security tools that tie into a DevSecOps processes.
Work with governance, compliance, and risk management teams to ensure software products and its AWS or Azure environment consistently meets the compliance requirements for certification.
Work with the Cloud Operations teams and product teams in the definition and implementation of security standards and best practices.
Design and build an API Gateway to prevent exposure of functional endpoints
Integrate the API Gateway to downstream authentication and authorization systems
Provide a global API Gateway solution and associated runbooks
Evangelize an API First mentality
Work with application experts to reimagine the architecture with cloud, security in mind
Skills on Resume:
Cloud Security Engineering (Hard Skills)
Architecture Assessment (Hard Skills)
DevSecOps Implementation (Hard Skills)
Compliance and Risk Management (Hard Skills)
Security Standards and Best Practices (Hard Skills)
API Gateway Design and Implementation (Hard Skills)
Authentication and Authorization Integration (Hard Skills)
Evangelizing API First Mentality (Soft Skills)
4. Application Security Architect, NextGen Security Inc., Indianapolis, IN Job Summary:
Assist in breaking down monoliths to microservices
Integrate secrets management to prevent the exposure of credentials
Utilize tools such Veracode to promote writing secure code and static analysis
Design and produce sequence diagrams for user management, authentication, and authorization scenarios
Implement single-sign-on and multi-factor authentication
Work with container platform experts to integrate container image scanning
Improve devops pipeline with automated security testing
Provide mentorship to other IT engineers, analyst and administrators
Provide regular status reporting to key stakeholders on the overall cloud security, including plan execution and risk identification, prioritization and triage.
Assist with build vs buy decisions and how to break down the pros and cons of various options.
Stay up to date on initiatives across the industry and the enterprises to help leadership effectively prioritize.
Skills on Resume:
Secrets Management (Hard Skills)
Security Code Analysis (Hard Skills)
Sequence Diagram Design (Hard Skills)
Authentication and Authorization (Hard Skills)
Container Security (Hard Skills)
DevOps Automation (Hard Skills)
Mentorship and Communication (Soft Skills)
5. Application Security Architect, Silicon Defense Ltd., Mountain View, CA Job Summary:
Advises IT and Security leaders in evolving Tech Data’s security strategies, technologies and processes.
Responsible for security architectures and effectiveness as security-by-design
Design security solutions, plan and implement security technologies
Perform risk assessments of internal services and 3rd parties, drive remediation and improvements
Matures the ISMS, security policies, standards and procedures, performs MandA due diligence
Prepares and delivers security trainings to IT and Business colleagues
Manage automated secure coding tools and processes (SAST, DAST,IAST)
Produce security reports pertaining to application security vulnerabilities.
Build, maintain, and enforce application security development policies, proceduresand standards
Maintain current knowledge of security threats and vulnerabilities that could impact products and technology stack components, and help product teams identify solutions that meet security requirements.
Provide subject matter expertise on secure design and coding practices, assist in building and rolling out related guidelines and standards, perform manual source code reviews for high risk components
Build secure code library (security code snippets, common libraries, cryptographic libraries)
Evaluate and operationalize security tools by integrating with the development environment and commit/build pipelines
Review security test results from vulnerability scans, penetration testing for true positives and propose appropriate remediation measures or mitigation controls.
Skills on Resume:
Security Strategy Advisory (Soft Skills)
Security Architecture Design (Hard Skills)
Security Solution Planning and Implementation (Hard Skills)
Risk Assessment and Remediation (Hard Skills)
Information Security Management System (ISMS) Development (Hard Skills)
Security Training Delivery (Soft Skills)
Management of Automated Secure Coding Tools (Hard Skills)
Security Reporting and Analysis (Hard Skills)
6. Application Security Architect, Protech Solutions Corp., Los Angeles, CA Job Summary:
Design and develop in-depth security architecture and perform threat modelling for products and services of Merck.
Define secure system development lifecycle and product security maturity model.
Develop security controls and processes for products/services developed and deployed in cloud and on-promise.
Define coding standards across application and data security
Define a standardized set of security requirements, and align with internal Merck policies and meet external compliance/regulatory requirements like GxP, GDPR etc.
Lead the reviews of the security architecture defined and application designs, and review audit source codes.
Stay relevant and lead innovation in application security best practices.
Coach the application development teams on secure system development lifecycle and security best practices to upskill the security expertise of application developers.
Work in a dynamic environment and handle multiple priorities.
Skills on Resume:
Security Architecture Design (Hard Skills)
Threat Modeling (Hard Skills)
Secure System Development Lifecycle (SDLC) (Hard Skills)
Product Security Maturity Model (Hard Skills)
Cloud and On-Premise Security (Hard Skills)
Coding Standards and Security Best Practices (Hard Skills)
Compliance and Regulatory Alignment (Hard Skills)
Innovation and Leadership (Soft Skills)
7. Application Security Architect, Gatekeeper Security Ltd., Portland, OR Job Summary:
Application security analysis, including code and architecture review, analysis of data flows, and penetration testing
Consulting with engineering teams on the design, development, and operation of the Mindstrong service
Acting as a security liaison between Engineering and the company
Building tools to automate and integrate application security testing and assurance
Functioning as an internal advocate and resource on secure software engineering and application security practices
Identifying security-focused metrics for collection and analysis
Launching Mindstrong’s vulnerability disclosure and bug bounty programs
Providing specific risk assessment and remediation guidelines
Helping handle and triage findings from security tools, including static and dynamic scanners
Skills on Resume:
Application Security Analysis (Hard Skills)
Consultation with Engineering Teams (Soft Skills)
Security Liaison Role (Soft Skills)
Tool Development and Automation (Hard Skills)
Internal Advocacy for Secure Software Engineering (Soft Skills)
Metric Identification and Analysis (Hard Skills)
Vulnerability Disclosure and Bug Bounty Programs (Soft Skills)
Risk Assessment and Remediation Guidance (Hard Skills)
8. Application Security Architect, SafeNet LLC, Kansas City, MO Job Summary:
Operationalize a robust cybersecurity program focusing on the cloud application side of the IoT conversation.
Report to the Product Security Lead and provide support for all areas of product cybersecurity including secure by design strategies, risk management, testing, training, and product incident response.
Implement and improve a strong product cybersecurity program
Advise product development teams regarding security principles, secure architecture, the implementation of cybersecurity controls, the design and coding of security-related features, and the secure delivery and deployment of applications.
Hands on application security assessments including use of static, dynamic and interactive tools
Use and integrate into CI/CD pipeline commercial and open source tools to achieve security goals
Perform vulnerability triage to prioritize issues, eliminate false positive, articulate issues to developers and provide the best practices and governance for remediation
Assist with security testing of products, including internal penetration testing and working with third-party security assessment and pen testing companies.
Collaborate with and train developers and infrastructure teams to remediate vulnerabilities and develop best practices
Responds to product security questionnaires and key contributor to PSIRTs
Identify new and emerging security tools and practices for implementation
Participate in ISAOs (Information Sharing and Analysis Organizations) and H-ISAC
To fulfill this role, a regular cadence of study in cybersecurity and attendance at conferences
Skills on Resume:
Cybersecurity Program Operationalization (Hard Skills)
Product Security Expertise (Hard Skills)
Program Improvement (Soft Skills)
Security Advisory and Guidance (Soft Skills)
Application Security Assessment (Hard Skills)
CI/CD Integration (Hard Skills)
Vulnerability Management (Hard Skills)
Collaboration and Training (Soft Skills)
9. Application Security Architect, CyberSecure Corp., Austin, TX Job Summary:
Working in a rapidly moving microservices ecosystem that supports a wide variety of languages and build tooling.
Driving the adoption of these security tools and techniques into all development teams.
Work effectively, not just within own team but also with other development teams both locally and in other timezones
Partner with application service teams to develop and implement application security standards, patterns and guidelines that support ongoing deliveries and balance risk and business benefit;
Collaborate on development of secure solutions, patterns and frameworks to address security risks and threats
Embed secure-by-design and secure-by-default into standard working practices and technologies
Continuously review the design and effectiveness of application security controls and develop a program of continuous security improvement relating to SDLC
Support and grow the maturity of application security and architecture through partnerships on Workday key business deliverables.
Improve in-house security tooling and solutions
Educate, and support Workday to understand the changing application security threat landscape.
Stay ahead of industry technology and business trends. Actively drives product technology and engineering process innovation to help Workday be a leader in Security
Skills on Resume:
Proficiency in Microservices Ecosystem (Hard Skills)
Application Security Expertise (Hard Skills)
Security Standards Development (Hard Skills)
Secure Solution Development (Hard Skills)
Security Integration (Hard Skills)
Continuous Security Improvement (Hard Skills)
Innovation and Education (Soft Skills)
10. Application Security Architect, Quantum Secure Inc., Omaha, NE Job Summary:
Help the broader Security Engineering team to define and integrate Security Architecture standards for the rest of the organization.
Know this can’t be done in a bubble and are ready to roll sleeves and work with Engineering peers.
Have consultation and education for Phreesia Engineering.
Help educate and provide answers to sometimes challenging security questions.
Build (both visually and via documentation) threat models and work to standardize the process across Phreesia
Become intimately involved in helping to design a large-scale transition Phreesia is undertaking to CI/CD pipelines and help design to security best practices on container release platforms.
Review most critical applications and technology stack from the ground up.
Familiar with things like GitOps, Container Release infrastructure, Kubernetes, and container ecosystems (yes, all the pieces around K8s) at least conceptually and help understand and define point controls.
Dig into code to seek deep understanding.
Help to perform risk analysis of new and current build projects
Skills on Resume:
Security Architecture Standards Development (Hard Skills)
Collaboration and Teamwork (Soft Skills)
Consultation and Education (Soft Skills)
Problem-solving and Communication (Soft Skills)
Threat Modeling (Hard Skills)
CI/CD Pipeline Security (Hard Skills)
Technical Proficiency and Code Analysis (Hard Skills)
#J-18808-Ljbffr