Sr Application Security Architect
12202 Airport Way #100 Broomfield, CO 80021
Blackstone Technology Group, an award-winning technology consulting and talent agency, is seeking an experienced Application Security Architect to join its client' s team in Broomfield, Colorado.
Responsibilities range from auditing code, architecture and databases used in custom-developed web and cloud applications, to testing for common application level vulnerabilities, weaknesses, and providing both vulnerability analysis and development advise for application hardening.
Applicant must possess a strong background in software development, secure coding techniques, secure architecture, software security frameworks, common weaknesses and vulnerability analysis. Candidate should have experience securing web and mobile applications, APIs, micro-services, containers, cloud and cloud-hybrid architectures.
- Review, evaluate and prioritize vulnerability findings while working with app development and QA teams across multiple products
- Provide SME support on secure code implementation, design and architecture.
- Threat-modelling & risk analysis
- Participate in providing annual OWASP & PCI training for developers
- Helps maintain updated Secure Coding Best Practices
- Common application level vulnerabilities
- Risk Management
- Findings/vulnerability prioritization
- Mitigation strategy
- Controls Evaluation – Review, validate, recommend and create standards
- Review of open-source development libraries for security risks
- Web application firewall (WAF) rule development and implementation
- Security technologies review and recommendations
- Bachelors of Computer Science or similar
- 6 or more years of experience in applying Information Security best practices to Information Technology assets plus 5 or more years of experience with software development.
- Experience with static and dynamic vulnerability identification using industry leading scanning tools and manual code reviews
- Experience with the Top 10 OWASP (Open Web Application Security Project) vulnerabilities (most critical web vulnerabilities) and how to identify and remediate them
- Solid understanding of Information Security in general and the specific behaviors that would secure information assets
- Ability to translate Information Security policies and procedures into language that a business and/or technical person can understand; and ability to effectively communicate with both non-technical and technical people
Blackstone Talent Group is a division of Blackstone Technology Group, a global IT services and solutions firm that implements technological solutions across commercial industry verticals and the US Federal Government. Blackstone’ s global talent augmentation practice was founded in 1998. Blackstone Talent Group has offices in San Francisco, Denver, Houston, Colorado Springs, and Washington, DC. We specialize in providing clients the best talent across a variety of industries and sectors.
EOE of Minorities/Females/Veterans/Disabilities