IT Security Architecture Generalist
Downtown, NYC - Financial District
A Contract position at a global financial services firm.
Pay Options: IC - Self Incorporated or w2.
Contact Maxim call (646)876-9538 or email firstname.lastname@example.org with the Job Code MN33597 or Click the Apply Now button (Sorry, NO 3rd Party (Subcontract) or 1099 for this position!).
Location: Downtown, NYC - Financial District.
Skills required for the position: Information Security, APPLICATION SECURITY, AUTHENTICATION, IDENTITY MANAGEMENT.
Optional (not required):SAML, SITEMINDER, KERBEROS
Detailed Info: Responsibilities:
1.Lead SecArch deep dives with the requestor of the assessment
2.Prioritize risks identified in relation to business risks
3.Conduct assessment and provide technology risk/requirements to the requestor. Areas covered:
a.Authentication, Authorization, Auditing
b.Application Security - Session Security, Vulnerability/Pen Testing items, Input Validation
c.Secure data transport and storage
4.Periodically review security reference architecture (security blueprints) and conduct updates/enhancements
5.Participate in various Operational and Technology Risk governance processes
6.Assist in identifying new areas and opportunities of technology investment for the firm
Development/Computing Environment: Security Architecture Skills
1.Required - In depth knowledge of application, network and platform security vulnerabilities. Ability to explain these vulnerabilities to developers
2.Required - Experience in conducting Information Security, IT Security, Audit assessments. Presenting the outcomes of the assessment and obtaining buy in.
3.Required - Strong focus on reviewing technical designs and functional requirements to identify areas of Security weakness.
4.Required - The candidate must have working experience in the following application/network security domains:
a.Authentication: SAML, SiteMinder, Kerberos, OpenId
b.Entitlements and identity management
c.Data protection, data leakage prevention and secure data transfer and storage
d.App Security - validation checking, software attack methodologies
e.Cryptography - encryption and hashing
1.Required - Even though the SecArch Integrator role is not a development role, the candidate must have previous background in programming, design and application architecture.
2.Required - In order to be a practical SecArch Integrator the candidate must have experience implementing complex applications in an enterprise environment.
The position offers competitive rate.
Job Id: 33597