Application Security Architect
Our client a prestigious Boston based investment manager has an immediate need for a Sr. Application Security Architect for a 6 + month consulting engagement. Please see below:
This is a senior level role that will be focused on application security. The ideal candidate would be local to Boston with a strong background in containers, MuleSoft, Traceable, and other skills listed in the Job Summary. 5+ years of experience and must work well independently and on a team. Financial services experience is a plus, but not required.
Job Summary: We are seeking an experienced Security Architect with a strong background in application security, architecture reviews, and security risk assessments. The ideal candidate will have significant experience in securing containerized environments (OpenShift, Podman, and Docker), API Management (preferably with MuleSoft and Traceable), managing open source vulnerabilities with NexusIQ, and implementing Runtime Application Self-Protection (RASP) with Contrast Protect.
Key Responsibilities:
- Conduct comprehensive architecture reviews of new software applications to identify security risks, propose mitigation strategies, and ensure alignment with security best practices.
- Perform Security Risk and Assessments (SRA) for critical applications, identifying potential vulnerabilities and recommending enhancements to strengthen security posture.
- Develop and maintain security policies and procedures related to application development and deployment.
- Secure container orchestration platforms such as OpenShift, and manage container runtime environments using Podman and Docker.
- Implement and manage API security solutions, with a preference for experience with MuleSoft and Traceable.
- Oversee the integration and management of open source security using NexusIQ or similar tools to identify and remediate vulnerabilities.
- Install, configure, and maintain Runtime Application Self-Protection (RASP) solutions, specifically Contrast Protect, to provide real-time application security.
- Collaborate with development teams to incorporate security considerations during the software development lifecycle (SDLC).
- Provide security guidance and training to development and operations teams to raise awareness and improve security practices.
- Stay current with emerging security threats, technologies, and regulations to ensure our applications and infrastructure remain secure.
Qualifications:
- Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or a related field.
- Minimum of 5 years of experience in an application security role, with hands-on experience in security architecture and risk assessments.
- Proven expertise in securing container environments and managing container security.
- Experience with API management and security, especially with MuleSoft and Traceable.
- Proficiency in managing open source security and using tools such as NexusIQ.
- Experience with implementing RASP solutions, preferably Contrast Protect.
- Strong understanding of secure coding practices, ethical hacking, and threat modeling.
- Familiarity with industry standards and frameworks such as OWASP, NIST, and ISO 27001.
- Relevant security certifications (CISSP, CEH, OSCP, etc.) are highly desirable.
- Excellent communication, analytical, and problem-solving skills.
Work Environment:
- Fast-paced and dynamic environment requiring adaptability and continuous learning.
- Collaboration with cross-functional teams and stakeholders.
Onsite in Boston Massachusetts Tuesday-Thursday is preferred. For immediate consideration please email a resume to Kenny at [email protected]
#LI-KW1
#LI-HYBRID