Security Architect
Senior Architect - Investment Bank - Mobile Applications - Java Technologies - Canary Wharf
Security Architect with strong Java/J2ee skills surrounding application technologies and mobile applications required for Global Investment bank. This is a newly created role in London sitting within Technology Risk but working very closely teams in New York. You will be at a level where although you will not be coding, although you must still be able to review and source code to identify security threats as well as advise on mobile and hardware security.
Key responsibilities for this role will be:
*To engage in the initial requirements definition (including analysis of threats and risks and alignment with the banks Architecture standards).
*Conduct and facilitate security reviews including SSDLC testing requirements throughout the development lifecycle.
*Facilitate 'table-top'/red-team/scenario analysis exercises in conjunction with other SME's; and plan the resolution of any identified vulnerabilities/issues.
*Security review of applications including responsibility for driving requirements definition and risk analysis Facilitate and support threat/architecture reviews and scenario analysis/red team/tabletop exercises Identify enhancements to IS tools, standards, and processes
*Provide SME support to projects and programs.
Qualifications
*Experience in a similar role with a focus in IS technology Knowledge
*In depth, hands-on understanding and application architectures and technology (including web applications, mobile technology, web 2.0 technology, identity and access management)
*Thorough understanding of industry and corporate technology standards for Information Security;
*Detailed familiarity with security hacking tools and techniques.
Skills
*Experience in research and development Strong knowledge of software development/deployment methodologies in web/mobile based environments.
*Strong knowledge of software security for web and mobile applications
*Background with mobile hardware and software technologies
*Strong understanding of information security and risk analysis processes (e.g. threat modeling).