Application Security Architect

Application Security Architect

• Location: Remote
• Job Type: Full-time
• Salary: 90,000

Reed Technology are seeking a Senior hands-on Application Security Architect for our industry leading client. This role is crucial for establishing and permeating a Secure SDLC and 'Secure by design' approach across the organisations Architecture and Software Engineering teams. The ideal candidate will be responsible for developing, implementing, and maintaining application security architecture to ensure our systems are designed with speed, scalability, robustness, zero-trust, automation, and supportability at the core.

Day-to-day of the role:

• Develop, implement, and maintain application security architecture across the organisation.
• Ensure systems are designed with objectives like speed, scalability, robustness, zero-trust, automation, and supportability at the core.
• Collaborate with the Architecture and Engineering team to ensure security is an integral part of all development and deployment processes.
• Provide expert software security advice (design, coding, testing, etc.) to the Software Engineering community, InfoSec, DevOps, and other colleagues.
• Define and deliver secure software development information to the software engineering teams.
• Escalate issues appropriately to various teams and levels of authority within the organisation.
• Interface with our customers to ensure that security obligations are managed and met appropriately.

Required Skills & Qualifications:

• Strong grasp and practical experience with the Software Development Life Cycle (SDLC), including roles such as Developer or Senior Tester.
• Familiarity with multiple programming languages, such as C++/C/C#, .NET core, Java, JavaScript, Node.js, Angular, and React.
• Experience in creating application security strategies, standards, best practices, and providing direct input to project teams and business stakeholders.
• Experience working with security issues in software architecture and development, including static and/or dynamic code analysis and tools, software dependency check, OWASP Top10 testing, application threat modelling, etc.
• Experience working in an Agile software development environment with both classic applications and microservices, using modern code processing and continuous integration and delivery tools (e.g., GitHub, Jenkins, Bamboo).
• Expertise in translating security policy statements into implementable security controls and techniques.
• Understanding of common information security management standards, frameworks, and laws/regulations such as ISO 27001, NIST, GDPR.
• Experience securing Azure cloud workloads and environments.