Senior Application Security Architect

Pwc Des Moines , IA 50301

Posted 3 weeks ago

A career in Information Security, within Internal Firm Services, will provide you with the opportunity to develop and support our internal security technologies and services across the entire global and local PwC network. You'll focus on being the forefront of designing, developing, and implementing information technology including hardware, software, and networks that enhances security of internal information and protect our firms intellectual assets.

To really stand out and make us fit for the future in a constantly changing world, each and every one of us at PwC needs to be an authentic and inclusive leader, at all grades/levels and in all lines of service. To help us achieve this we have the PwC Professional; our global leadership development framework. It gives us a single set of expectations across our lines, geographies and career paths, and provides transparency on the skills we need as individuals to be successful and progress in our careers, now and in the future.

As a Senior Manager, you'll work as part of a team of problem solvers, helping to solve complex business issues from strategy to execution. PwC Professional skills and responsibilities for this management level include but are not limited to:

  • Take action to ensure everyone has a voice, inviting opinion from all.

  • Establish the root causes of issues and tackle them, rather than just the symptoms.

  • Initiate open and honest coaching conversations at all levels.

  • Move easily between big picture thinking and managing relevant detail.

  • Anticipate stakeholder needs, and develop and discuss potential solutions, even before the stakeholder realises they are required.

  • Develop specialised expertise in one or more areas.

  • Advise stakeholders on relevant technical issues for their business area.

  • Navigate the complexities of global teams and engagements.

  • Build trust with teams and stakeholders through open and honest conversation.

  • Uphold the firm's code of ethics and business conduct.

Job Requirements and Preferences:

Basic Qualifications:

Minimum Degree Required:

High School Diploma

Minimum Years of Experience:

6 year(s) in IT architecture and 2+ years experience with operating system security for Windows, UNIX, Middleware or Oracle/SQL databases.

Preferred Qualifications:

Degree Preferred:

Bachelor Degree

Preferred Fields of Study:

Information Technology, Computer Systems Analysis, Management Information Systems, Computer Engineering, Computer Programming

Certification(s) Preferred:

CISSP, Certified Information Systems Security Professional, International Information Systems Security Certification Consortium (ISC2) Certification

Microsoft Azure Solutions Architect, or AWS Solutions Architect

Preferred Knowledge/Skills:

Demonstrates intimate abilities and/or a proven record of success in understanding effective control implementation in the following domains:

  • Application Security;

  • Cloud & Services Hosting;

  • Identity and Access Management;

  • Data Protection;

  • Borderless Connectivity;

  • Endpoint Security; and,

  • Cyber Security Operations.

Demonstrates intimate knowledge and/or a proven record of success in security technology in the following areas:

  • Understanding of migration or development experience in one of the major cloud platforms;

  • Possessing extensive experience in security design review and recommendations;

  • Being conversant with ISO 27002:2005/2013 information security standard;

  • Having a working knowledge of user and data driven design approaches as well as understanding industry leading practices for key management

  • Demonstrating architectural domain knowledge including cloud application architecture and container-based deployment;

  • Understanding established Software Development Lifecycles and methodologies including agile, scrum, iterative and waterfall;

  • Analyzing Identity access management integration for projects to assure security;

  • Identifying complex security vulnerabilities and design compensatory controls;

  • Analyzing network security controls, including firewall and router security configuration;

  • Working in a complex and matrixed organization;

  • Partnering with and enabling the development process to assure that security requirements are met while allowing for maximum speed to market;

  • Supporting a leading edge development effort by developing standardized reusable security frameworks;

  • Collaborating with multiple stakeholders across functional and technical skill sets;

  • Supporting and integrating with key business and strategic priorities;

  • Working with developers and application architects to make IT security design recommendations;

  • Assuring that effective design of security controls related to people, process, and technology are in place;

  • Engaging business and technology stakeholders at all levels to gather long term goals & requirements around system security and usability;

  • Aligning business requirements to complex security architecture frameworks:

  • Designing and building security technology solutions aligned to a global central service environment;

  • Translating and communicating complex technical topics into practical business terminology both verbally and in writing;

  • Managing multiple security assessments and changing priorities, simultaneously; and,

  • Understanding the functions applied in the support of and integration with key business and strategic priorities.

All qualified applicants will receive consideration for employment at PwC without regard to race; creed; color; religion; national origin; sex; age; disability; sexual orientation; gender identity or expression; genetic predisposition or carrier status; veteran, marital, or citizenship status; or any other status protected by law. PwC is proud to be an affirmative action and equal opportunity employer.

For positions based in San Francisco, consideration of qualified candidates with arrest and conviction records will be in a manner consistent with the San Francisco Fair Chance Ordinance.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
ISE 5 Application Security Developer

Wells Fargo

Posted 4 days ago

VIEW JOBS 5/28/2020 12:00:00 AM 2020-08-26T00:00 Job Description Important Note: During the application process, ensure your contact information (email and phone number) is up to date and upload your current resume when submitting your application for consideration. To participate in some selection activities you will need to respond to an invitation. The invitation can be sent by both email and text message. In order to receive text message invitations, your profile must include a mobile phone number designated as "Personal Cell" or "Cellular" in the contact information of your application. At Wells Fargo, we want to satisfy our customers' financial needs and help them succeed financially. We're looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you'll feel valued and inspired to contribute your unique skills and experience. Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you. Wells Fargo Technology sets IT strategy; enhances the design, development, and operations of our systems; optimizes the Wells Fargo infrastructure footprint; provides information security; and enables continuous banking access through in-store, online, ATM, and other channels to Wells Fargo's more than 70 million global customers. The Enterprise Application Security Program enhances the ability of the development organization to consistently deliver highly functional applications that are secure and resilient against attack by developing policies, processes, and tools to proactively embed security into Wells Fargo-developed applications. The person in this role is a key member of the Secure Software Group who will develop custom technology to improve application security effectiveness and efficiency in the Wells Fargo SDLC. Primary job responsibilities include: * Leading the design, development, and implementation of custom software that integrates security, software development, and risk management systems * Defining and executing strategies for security defect management in a Continuous Integration/Continuous Deployment (CI/CD) pipeline * Managing the policy, process, and tools for security defect remediation * Managing the software release process for custom-developed software, including source code management, change management, documentation, and end user notification * Supporting patching, upgrade, and business continuity testing of related products * Ensuring tools and documentation are maintained in accordance with enterprise policies and best practices * Collaboration with an offshore development team Required Qualifications * 7+ years of information security applications and systems experience * 5+ years application security vulnerability detection and mitigation experience with Open Web Application Security Project (OWASP) Top 10 and SANS Common Weakness Enumeration Top 25 * 5+ years of application development experience Desired Qualifications * Advanced Information Security technical skills and understanding of information security practices and policies * Ability to manage complex issues and develop solutions * Excellent verbal and written communication skills Other Desired Qualifications * 5+ years of C#/.NET software development experience * 3+ years of Java software development experience * 3+ years of SQL experience. T-SQL / MSSQL preferred. * Experience with The Denim Group's ThreadFix product * Knowledge of Web Application Firewall (WAF) technology * Advanced Application Security technical skills * Experience performing software development in a large enterprise environment * Experience with Agile and CI/CD technologies such as Jira, Docker, Kubernetes, Jenkins, etc. * Experience writing PowerShell * Understanding of information security practices and policies as implemented in a large enterprise environment * Experience defining and/or developing business initiatives that require integration of multiple technology systems * Knowledge and understanding of banking or financial services industry Job Expectations * Ability to work outside of regular business hours * Ability to travel up to 5% of the time Street Address CA-SF-South Of Market Area: 45 Fremont Street - San Francisco, CA MN-Minneapolis: 255 2nd Ave S - Minneapolis, MN MN-Shoreview: 1801 Parkview Dr - Shoreview, MN IA-West Des Moines: 800 S Jordan Creek Pkwy - West Des Moines, IA IA-West Des Moines: 7001 Westown Pkwy - West Des Moines, IA IL-Chicago: 150 S Wacker Dr - Chicago, IL MA-Boston: 125 High Street - Boston, MA NY-New York: 150 E 42nd St - New York, NY AZ-PHX-Northwest Phoenix: 2222 W Rose Garden Ln - Phoenix, AZ PA-Philadelphia: 101 N Independence Mall E - Philadelphia, PA NC-Raleigh: 1100 Corporate Center Dr - Raleigh, NC MO-Saint Louis: 1 N Jefferson Ave - Saint Louis, MO TX-Irving: 5000 Riverside Drive - Irving, TX TX-Plano: 4975 Preston Park Blvd - Plano, TX Disclaimer All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act. Relevant military experience is considered for veterans and transitioning service men and women. Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation. Wells Fargo West Des Moines IA

Senior Application Security Architect