• Mexico
  • Save Job
  • 8 - 11 Years
  • Posted : above 1 month

Job Description:

Senior Application Security Architect (SASA) - 19022901

Description

Senior Application Security Architect (SASA)

Description

A Senior Application Security Architect (SASA) is required to assess and manage technology risks and provide compliance guidance per Citi IS and application security standards and provide support to Technology Development Units in their development Lifecycle

The ICG Technology Information Security Team is responsible for managing risk and providing controls and compliance guidance and support to Technology Development Units by ensuring compliance with Citi standards, policies, and procedures, liaising with corporate IS and driving secure SDLC initiative for ICG sector The team needs to expand its capability to ensure security requirements are assessed early in the development lifecycle and architecture/design of the application incorporates required security measures The SASA will have strong technical acumen and should establish relationships with application managers, domain architects, project managers and corporate IS and other disciplines You will join an elite team of some of the smartest minds in the business that have been tasked with performing threat modeling exercises and proposing technical controls for our top most critical applications to ensure that they are highly resilient from Internet-borne threats You will work on some of the most cutting edge technologies and provide value by solving real world problems that our industry as a whole is facing Your key stakeholders will be application development teams, our internal vulnerability assessment teams and the IS organization as a whole

As senior application security architect you will review our most critical applications and their technology stack from top to bottom Therefore, we require in depth subject matter expert knowledge of application security, with thorough understanding of infrastructure and network security

Ideally candidate who has worked for a similar organization, with 7 years of experience as application security consultant / penetration tester / security architect

Must have SME level knowledge of web application vulnerabilities and web application business logic flaws and threats

In depth, hands-on understanding and application architectures and technology (including web applications, mobile technology, web 20 technology, identity and access management)

Demonstrable experience with mobile application security, HTML5, Web Services assessment, identity management will be highly regarded

Thorough understanding of industry and corporate technology standards for Information Security

Detailed familiarity with security hacking tools and techniques

Additional responsibilities for this role will be

to engage in the initial requirements definition (including analysis of threats and risks and alignment with Citi IS and Architecture standards)

conduct and facilitate security reviews including Secure SDLC testing requirements throughout the development lifecycle

facilitate table-top /red-team/scenario analysis exercises in conjunction with other SMEs

plan the resolution of any identified vulnerabilities/issues

Security review of applications including responsibility for driving requirements definition and risk analysis

Facilitate and support threat/architecture reviews and scenario analysis/red team/tabletop exercises

Identify enhancements to IS tools, standards, and processes

Provide SME support to projects and programs

Qualifications

Skills

at least 8 years of Experience in research and development

Strong knowledge of software development/deployment methodologies in web/mobile based environments

BS BA in any carreer or engeneering or related field

Strong knowledge of software security for web and mobile applications

Background with mobile hardware and software technologies

Strong understanding of information security and risk analysis processes, including threat modeling

good comunication skills, analitycal, self motivated
<

Profile Summary:

Employment Type : Full Time
Eligibility : Any Graduate
Industry : Banking
Functional Area : IT Software : Software Products & Services
Role : System Security
Salary : As per Industry Standards
Deadline : 11th Mar 2020

Key Skills:

Company Profile:

Company
Citibank Indiaarfix

Salary trends based on over 1 crore profiles

View Salaries

All rights reserved © 2018 Wisdom IT Services India Pvt. Ltd DMCA.com Protection Status