Key Responsibilities:
· Conduct comprehensive architecture reviews of new software applications to identify security risks, propose mitigation strategies, and ensure alignment with security best practices.
· Perform Security Risk Assessments (SRA) for critical applications, identifying potential vulnerabilities and recommending enhancements to strengthen security posture.
· Develop and maintain security policies and procedures related to application development and deployment.
· Secure container orchestration platforms such as OpenShift, and manage container runtime environments using Podman and Docker.
· Implement and manage API security solutions, with a preference for experience with MuleSoft and Traceable.
· Oversee the integration and management of open source security using NexusIQ or similar tools to identify and remediate vulnerabilities.
· Install, configure, and maintain Runtime Application Self-Protection (RASP) solutions, specifically Contrast Protect, to provide real-time application security.
· Collaborate with development teams to incorporate security considerations during the software development lifecycle (SDLC).
· Provide security guidance and training to development and operations teams to raise awareness and improve security practices.
· Stay current with emerging security threats, technologies, and regulations to ensure our applications and infrastructure remain secure.
Qualifications:
· Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
· Minimum of 5 years of experience in an application security role, with hands-on experience in security architecture and risk assessments.
· Proven expertise in securing container environments and managing container security.
· Experience with API management and security, especially with MuleSoft and Traceable.
· Proficiency in managing open source security and using tools such as NexusIQ.
· Experience with implementing RASP solutions, preferably Contrast Protect.
· Strong understanding of secure coding practices, ethical hacking, and threat modeling.
· Familiarity with industry standards and frameworks such as OWASP, NIST, and ISO 27001.
· Relevant security certifications (CISSP, CEH, OSCP, etc.) are highly desirable.
· Excellent communication, analytical, and problem-solving skills.