Job Description
Application Security Architect/Principal Application Security Architect/Principal
2 days ago Be among the first 25 applicants
Get AI-powered advice on this job and more exclusive features.
Continue with Google Continue with Google
Continue with Google Continue with Google
Continue with Google Continue with Google
Dice is the leading career destination for tech experts at every stage of their careers. Our client, Tekfortune Inc., is seeking the following. Apply via Dice today!
Job Role: Application Security Principal Location: Onsite mandatory Naperville, IL / Chicago, IL
Duration: 6 months Contract (with possible extension)
Position Summary The Application Security Principal role is pivotal in bridging the current security gaps and embedding security into every aspect of the technology lifecycle at OHS. This role collaborates with various teams to integrate security into applications and platforms, ensuring the safe deployment and operation of in-house-built solutions. With expertise in identity and access management, data security, threat modeling, and the secure software development lifecycle, the engineer ensures that security controls are seamlessly integrated throughout the application development process. Additionally, the role leads efforts in API security, conducts security assessments for AI systems, and continuously improves security tools and processes to address evolving threats.
Responsibilities include but are not limited to: - Develop, manage, and enforce data protection controls to ensure data security is always maintained.
- Conduct threat modeling for complex applications and platforms.
- Secure code reviews, vulnerability assessments, application security standards and guidelines.
- Deploy, manage, operate RASP, SAST, DAST, WAF, IAST.
- Develop and implement Security measures for AI systems and initiatives.
- Establish API Security Frameworks, standards, and API Security management.
- Develop and manage application & data threat modeling and lead Secure SDLC efforts including standards.
- Define Identity and access controls with regards to applications, platforms and data.
- Update and maintain relevant standards and frameworks to ensure continued safeguarding company assets including sensitive data.
- Familiarity with PCI-DSS requirement and e-commerce security requirements and establish standards to secure e-commerce platform.
- Familiarity with authentication & authorization technologies sus as OAuth, SAML, JWT, federation and drive standards for consumer platforms in alignment with business requirements.
Experience And Qualifications Of The Role - Minimum 10+ years of experience with technology and at least 7-years in Information Security within cloud-native or SaaS technology environments.
- Experience conducting threat hunting, threat modeling in cloud platforms such as AWS, Azure, Oracle, Salesforce, Snowflake and container environments.
- Relevant certifications such as CSSLP, GWEB, GWPAT, and AWS/Google Cloud Platform/Azure Security certifications are desirable.
- Working experience performing security architecture review, code review, and building security requirements for the introduction of new technologies in a multi-cloud environment including SaaS applications.
- Working experience leveraging and customizing native & 3rd party security tools to secure multi-cloud environments.
- Hands-on experience working in multi-cloud environment with an understanding of cloud technology components such as networking, segmentation, virtualization, encryption, secrets & key management, serverless, container, Kubernetes and IaC.
- Hands-on experience with cloud/infrastructure traffic analysis, anomaly detection, Web Application Firewall (WAF), RASP, IAM and security automation.
- Familiarity with security concepts such as secure-by-design, application architecture, Authentication (SSO, SAML, Azure AD), Perimeter security, Micro-segmentation and Zero-Trust.
- Hands-on experience with Policy as Code (Client) using coding languages such as Python, Go, JavaScript, or YAML.
- Hands-on experience with security testing tools such SCA, SAST, DAST and Website analysis.
- Extensive experience writing technical and business-friendly security documentation.
- Strong analytical, problem-solving, and communication skills. Ability to work collaboratively in a dynamic environment and manage tasks with attention to details.
- Experience working with developers, product managers, and having some eCommerce experience.
- Experience with Node.js, JavaScript, TypeScript, Python, and .NET.
Computer Skills Needed to Perform the Job
- Proficiency in Microsoft O365.
- Strong Excel Skills.
- Strong PowerPoint / Presentation skills.
- *
- Bachelor s degree in computer science, Cybersecurity, or comparable technical experience.
- Certificates, Licenses, Registrations. ** CISSP, CSSLP, GWEB, GWAPT or other relevant security certification and experience are desired.
Seniority level
Seniority level
Mid-Senior level
Employment type
Employment type
Full-time
Job function
Job function
Information Technology Industries
Software Development
Referrals increase your chances of interviewing at Jobs via Dice by 2x
Continue with Google Continue with Google
Chicago, IL $156,000 - $253,560 2 days ago
TECHNOLOGY AND INFRASTRUCTURE ARCHITECT - BUREAU OF TECHNOLOGY (ACTIVELY RECRUITED)
Manager Computer Systems Analysis 2 - R10197185-3
Rolling Meadows, IL
$129,300.00
-
$193,900.00
3 weeks ago
Senior Technical Consultant, Platform Engineering
Chicago, IL
$170,000.00
-
$210,000.00
4 days ago
Solutions Architect, Amazon Web Services
Chicago, IL
$138,200.00
-
$239,000.00
1 week ago
Cloud Security Manager - Microsoft Azure
Chicago, IL
$144,200.00
-
$265,600.00
2 weeks ago
Chicago, IL $144,200 - $265,600 2 weeks ago
Chicago, IL $120,000 - $150,000 4 weeks ago
Chicago, IL $138,500 - $190,000 2 days ago
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr
Job Tags
Full time, Contract work, Work experience placement, Work at office,