IT Security Architecture Generalist - job id 33597


Your Way To Work™

IT Security Architecture Generalist

$$

Downtown, NYC - Financial District



How to Apply

logo

Maxim Nikouline


logo

(646) 876-9538


logo

(212) 616-4800 ext-190




A Contract position at a global financial services firm.

Pay Options: IC - Self Incorporated or w2.

Contact Maxim call (646)876-9538 or email max@sans.com with the Job Code MN33597 or Click the Apply Now button (Sorry, NO 3rd Party (Subcontract) or 1099 for this position!).

Location: Downtown, NYC - Financial District.

Skills required for the position: Information Security, APPLICATION SECURITY, AUTHENTICATION, IDENTITY MANAGEMENT.

Optional (not required):SAML, SITEMINDER, KERBEROS

Detailed Info: Responsibilities:

1.Lead SecArch deep dives with the requestor of the assessment

2.Prioritize risks identified in relation to business risks

3.Conduct assessment and provide technology risk/requirements to the requestor. Areas covered:

a.Authentication, Authorization, Auditing

b.Application Security - Session Security, Vulnerability/Pen Testing items, Input Validation

c.Secure data transport and storage

4.Periodically review security reference architecture (security blueprints) and conduct updates/enhancements

5.Participate in various Operational and Technology Risk governance processes

6.Assist in identifying new areas and opportunities of technology investment for the firm

Development/Computing Environment: Security Architecture Skills

1.Required - In depth knowledge of application, network and platform security vulnerabilities. Ability to explain these vulnerabilities to developers

2.Required - Experience in conducting Information Security, IT Security, Audit assessments. Presenting the outcomes of the assessment and obtaining buy in.

3.Required - Strong focus on reviewing technical designs and functional requirements to identify areas of Security weakness.

4.Required - The candidate must have working experience in the following application/network security domains:

a.Authentication: SAML, SiteMinder, Kerberos, OpenId

b.Entitlements and identity management

c.Data protection, data leakage prevention and secure data transfer and storage

d.App Security - validation checking, software attack methodologies

e.Cryptography - encryption and hashing

Development Experience

1.Required - Even though the SecArch Integrator role is not a development role, the candidate must have previous background in programming, design and application architecture.

2.Required - In order to be a practical SecArch Integrator the candidate must have experience implementing complex applications in an enterprise environment.

3.Required - working knowledge of programming and scripting languages: Java, JavaScript, C#, C/C++, Perl, Python, Ruby


.

The position offers competitive rate.


Job Id: 33597