Sorry, this job is no longer accepting applications. See below for more jobs that match what you’re looking for!

Application Security Architect I

Expired Job

Early Warning Services, LLC Chicago , IL 60602

Posted 2 months ago

A Great Place to Work

Last year, we transformed the P2P payments industry with Zelle. 247-million transactions and $75-billion later, consumers love us as much as our amazing team of talented people. Come join the most INNOVATIVE FinTech company in Arizona.

Overall Purpose

This position assists Security Architecture consultation with IT, Project Management, Product Management, Software Development and other peers on proper security architecture and software development processes to ensure the applications developed and systems implemented are in line with security best practices and Early Warning Services policies and standards.

Essential Functions

  • Facilitates identification, measurement, controls and minimizes security risks to information systems across a broad range of disciplines including application, network and host security.

  • Assists with the evaluation of the current methods in use by Early Warning to access and process data via Early Warning customer facing applications.

  • Assist architecture teams to ensure that all newly developed and legacy applications and infrastructure implementations are in line with security policy and are compliance to the required frameworks (ISO, PCI, OWASP, NIST 800-53, etc.).

  • Advises and approves of changes and architectures for assigned areas from a security perspective.

  • Evaluates all product business cases including functional and detailed design specs to ensure security standards are met.

  • Assists in the security incident response process as assigned.

  • Maintain documentation related to present risks and security issues that could impact the confidentiality, integrity and/or availability of the business (both internally and externally) by assisting in documentation, tracking and creating solutions for mitigation.

  • Assist internal and external penetration testing organizations to coordinate application and network based penetration.

  • Works with Software Development to perform static code analysis on all custom developed code.

  • Support the company's commitment to protect the integrity and confidentiality of systems and data.

Minimum Qualifications

  • Education and experience typically obtained through completion of a Bachelor's degree in Computer Science, Engineering, Math or Physical Science

  • Minimum of 9 months of application security experience.

  • Intermediate knowledge of relational databases, Windows, and Linux operating systems.

  • Effective interpersonal skills, with ability to present to peers.

  • Intermediate knowledge of operating system, application, network, and database security architectures.

  • CEH/CPT Certification or equivalent.

  • Experience in analyzing technical issues and making recommendations for corrective action.

  • Demonstrate intermediate understanding in the field of Information Security in terms of both concepts and technology.

  • Demonstrated understanding of the OWASP Top 10 vulnerabilities.

Preferred Qualifications

  • CISSP, MCSE, SCSA, CCNA or CISA certification

  • Unix administration or hobbyist

  • Application development background

The above job description is not intended to be an all-inclusive list of duties and standards of the position. Incumbents will follow instructions and perform other related duties as assigned by their supervisor.

Physical Requirements

Working conditions consist of a normal office environment. Work is primarily sedentary and requires extensive use of a computer and involves sitting for periods of approximately four hours. Work may require occasional standing, walking, kneeling, and reaching. Must be able to lift 10 pounds occasionally and/or negligible amount of force frequently. Requires visual acuity and dexterity to view, prepare, and manipulate documents and office equipment including personal computers. Requires the ability to communicate with internal and/or external customers.

Employee must be able to perform essential functions and physical requirements of position with or without reasonable accommodation.

Early Warning is an equal opportunity employer that takes affirmative action to employ, and advance in employment, qualified minorities, women, individuals with disabilities and covered veterans.


See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Director Of Information Security Application Security Architect

CME Group

Posted 2 days ago

VIEW JOBS 11/20/2018 12:00:00 AM 2019-02-18T00:00 Description CME Group: Where Futures Are Made CME Group (www.cmegroup.com) is the world's leading and most diverse derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career shaping tomorrow. We invest in your success and you own it, all while working alongside a team of leading experts who inspire you in ways big and small. Joining our company gives you the opportunity to make a difference in global financial markets every day, whether you work on our industry-leading technology and risk management services, our benchmark products or in a corporate services area that helps us serve our customers better. With 2,500 employees located around the world, we're small enough for you and your contributions to be known. But big enough for your ideas to make an impact. The pace is dynamic, the work is unlike any other firm in the business, and the possibilities are endless. Problem solvers, difference makers, trailblazers. Those are our people. And we're looking for more. The Director of Application Security Architecture will lead and manage all functions of the Application Security Architecture Team. The Director will oversee the team, both staff and contractors, and is responsible for the application architecture strategic roadmap. The role is accountable for operating the Application Security Architecture Program and acts as a business liaison with other business units of CME, and help facilitate demand management. The Director will be a hands-on manager, requiring a high-level of technical expertise, to be able to develop solutions and mentor other staff and teams. They will provide application design support and guidance, in the form of consultation. They will automate as many components and task as possible, ensure that solutions integrate with operational processes such as monitoring and alerting, and will innovate and ensure that all applications are built and remain secure throughout the software development lifecycle. The Director must be able to drive change across the organization, and support the evolution of the organization to a Dev/Sec/Ops model. As a leader on the Global Information Security Team (GIS), the incumbent is expected to remain engaged with and support other leaders across GIS and Technology to ensure the timely delivery of security and business solutions. Principal Accountabilities * Advisory: This role will actively lead the creation and updating of Standards and Reference Architectures. Standards may be required for CME Group to comply with regulations mandated by various regulatory bodies that provide oversight to CME Group business functions. Reference Architectures provide direction and guidance on proper compliance with define standards. * Operational: This role will help forecast demand for Application Architecture services by meeting with CME business units to better understand their needs. This role will also help determine necessary resource levels to support those business units' needs. * Financial: This role will make staffing recommendations for the GIS Application Security Architecture Team. * Establishing and operating the Application Security Architecture Program, including: business processes, policies, standards, and prioritization of activities * Communicate and collaborate with cross-functional peers outside of the Technology Division, including General Counsel, Records Retention, Global Assurance, Enterprise Risk Management, Third Party Risk Management, and other business unit leadership * Work collaboratively with various CME Group teams including I&O, E&E, APM, Enterprise Risk Management and Compliance teams to establish Security Standards and Reference Architectures and actively participates in Communities of Practice to ensure effective adoption of security and continuous improved. * Drive objectivity and build consensus among internal and external stakeholders with widely divergent perspectives and drivers. Interact with industry peers from other SIFMUs, research organizations, solution providers, etc. * Participate in and contribute to key working groups across the enterprise, including but not limited to: Architecture Review Board and/or change advisory boards. Prepare reports for senior management including presentations, metrics, and other documentation required to support governance functions. * Continuous improvement and maturation of the methods, instrumentation, training, documentation, and processes required to properly assess and govern application architecture and software development lifecycle. Day-to-day * Strategic Visioning: manage security standards and reference architectures to ensure adequate security controls throughout CME Groups systems and technologies * Management of the security road-map, and communicate securities vision to business partners and IT staff * Actively participate in Communities of Practice to ensure effective adoption and continuous improvement of security efforts * Act as an advocate for security and lead efforts to promote security awareness at all levels of the organizations * Act as primary contact and respond to questions or actions related to software security audits * Ensure that all risk considerations are identified and addressed with new and modified software * Monitor and enhance secure coding standards within the Software Development Lifecyle * Identify and establish core architectural mechanisms to enhance the security of software * Support larger architectural projects while leading and managing internal projects * Provide consultation on secure application design This role will influence and collaborate regularly with various peers via steering committees, standards and policy governance teams and other group settings that formulate CME Group security policies, standards, and reference architectures. This role will lead formation of policies, standards, reference architectures, process and procedures as they related to application architecture at CME Group. Education: A Bachelor's or Master's degree in Computer Science, Information Systems or other related field; or equivalent work experience. Experience * 7+ years of experience at director or manager level in publicly traded companies or finance/technology industry operations; OR minimum 7 years as a consultant to such companies at a commensurate level. * Experience with or deep exposure to the financial industry, focused on clearing or trading * Demonstrable knowledge of a broad range of Information Security technologies and practices * Demonstrable, impeccable writing skills for technical, management, and executive audiences * Demonstrable communication capabilities including oral presentation and ability to present in front of executive leadership * Demonstrable experience coordinating multiple concurrent issues, in high-pressure situations * 10+ years of application security analysis, design and application development OR demonstrated ability to meet job requirements through a comparable number of years of technical work experience * Experience with scripting languages such as: Python, bash, Powershell, etc. * Experience with drafting of standard, reference architecture, policies, procedures and implementation guidelines * Extensive experience with the Build Security In Maturity Model (BSIMM) methodology and assessment process * High understanding of entire development process, including specification, documentation and quality assurance * High degree of understanding in the theories, methodologies and principals underlying secure technical analysis, design and implementation of software applications, systems, and databases * Candidates must have proven ability to build value propositions, business cases, & drive results as part of a larger project or program team * SSCP or other industry certifications are desirable. PMP is a plus. * Relevant experience designing, implementing, and supporting large scale solutions * Experience with Cryptographic Services * Experience with Amazon Web Services Certifications * Preferred: one or more certifications, including: * CISSP * CISA * GIAC * GSEC * EnCE * GWAPT * OSCP/OSWE Software Requirements * Confluence/JIRA * Development languagesg (Java, .Net [C#, VB#], C++, GO) * Scripting languages (Python, bash, Powershell, etc.) * Middleware (Apache, Tomcat, WebSphere, etc.) For EU Residents, the Candidate Privacy Policy can be found here. CME Group Chicago IL

Application Security Architect I

Expired Job

Early Warning Services, LLC