We are seeking a talented IT Application Security Architect for a long-term (multi-year) contract role with our client. This is 100% REMOTE.
- The IT Application Security Architect (ITASA) is an experienced person who will work with IT to support business units across the enterprise using various technologies.
- As a senior member of the IT team, the ITASA’s purpose is to help ensure the security, confidentiality, integrity, and availability of the our clients ecosystem.
- You can succeed by working closely and overcommunicating with our client’s project teams across the agile train, business groups, and the IT security teams.
- It is the ITASA’s responsibility to ensure effective remediation or controls around findings in web applications and data for our clients initiatives.
- The ITASA will need the ability to be efficient working alone across multiple application and network teams.
- All ITASAs will, under the guidance of a Lead Application Security person, be responsible for actively reviewing and following existing security policies, procedures, and standards, as they relate to application security.
- As an ITASA, you will need to cultivate a culture of security awareness and continued education of personnel to ensure security policies are consistently adhered to.
- The application security team will work with the leading project individuals to identify, assess, remediate, or control risks related to application security.
- You will need to conduct individual security code reviews, pipeline automation, and scripting of security tools as is necessary in existing system architecture.
- You must have a solid understanding of security protocols, cryptography, authentication, authorization, and general application security requirements.
- As an ITASA, you will work with Lead Application Security personnel to evaluate, recommend, design, and implement application security solutions increasing our client’s application security posture and reducing application threat surfaces.
- You will need excellent written and verbal communication skills along with business acumen and an enterprise outlook to interact with a broad cross-section of personnel explaining and enforcing security measures.
- The ITASA may be expected to engage with third party vendors for tools to evaluate, improve and automate daily processes for the security team.
- Each ITASA will perform tasks in support of the current IT Security Roadmap and may be responsible for the intake, development, assessment, and management of new or existing tools.
- Experience with auditing application and system architectures
- A minimum of 10+ years of Microsoft enterprise full stack web development
- Continuous learning on the job to keep up with a fast paced ever changing field
- Experience in information and IT risk management with a focus on security, performance, and reliability
- Knowledge of information systems and current industry security standards and practices
- Familiarity with two or more: OWASP, SANS, NIST, ISO27001, and/or COBIT 5
- Database security
- Mobile application security
- Enterprise user directory services
- System authentication and authorization
- Application encryption key management
- Web server configuration and hardening
- Azure SaaS /PaaS/IaaS security and design
- Auditing of information security subject areas
- Networking segmentation, systems, models, and processes
- Minimum 3+ years of code review experience
- Minimum 5+ years C# development
- Minimum 2+ years of NodeJS experience
- Minimum 2+ years scripting language (PowerShell, python)
- Minimum 1+ year of React experience
- Minimum 2+ years experience with Azure, including Infrastructure as Code
- Bachelor’s Degree
- Demonstrated knowledge of web application penetration testing is preferred
- Certification (SABSA, CISSP, etc.) in topics the address security directly is preferred.
- Familiarity with: OWASP, Checkmarx, Burp, ZAP, IBM AppScan
Job Requisition # 35791
A reasonable estimate of the pay range for this role is $85.00 - $95.00 per hour.#LI-LA1
The disclosed pay range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. The compensation decisions are dependent on the facts and circumstances of each case, such as skills and experience levels.
General Description of Benefits:
Medical, Dental, Vision insurance, 401(K) and other supplemental coverage.
APC believes that the workplace should be fun and enjoyable. Join our team today and ignite your career!
Company – Staffing – 501 – 1000 employees
APC is a professional services organization focused on engaging people and positively impacting lives. As professionals serving professionals, we take pride in providing our employees with the highest level of customer service and support, creating meaningful, fulfilling and rewarding experiences every day.
APC is committed to creating a diverse work environment and is proud to be an equal opportunity employer. All qualified individuals will receive consideration for employment without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, disability, genetics, or veteran status.
Location/Region: Raleigh, NC