Job Description:
Seeking a highly skilled and experienced Senior Cyber Security Architect to join our team. The ideal candidate will have a strong background in enterprise applications with a special focus on Platforms and APIs. This role requires a comprehensive understanding of security architecture principles and the ability to design implement and maintain robust security solutions across our organizations technology landscape.
Key Responsibilities:
- Lead the design and implementation of security architectures for enterprise applications platforms and APIs.
- Develop and maintain security standards guidelines and best practices for application development and integration.
- Conduct security risk assessments and threat modeling for new and existing enterprise applications and platforms.
- Collaborate with development teams to ensure security is integrated throughout the software development lifecycle (SDLC).
- Design and oversee the implementation of authentication authorization and access control mechanisms for APIs and platforms.
- Evaluate and recommend security tools and technologies for application and API security.
- Develop and maintain security documentation including architecture diagrams policies and procedures.
- Provide expert guidance on secure coding practices and application security testing methodologies.
- Stay current with emerging threats vulnerabilities and security technologies in the application and API security space.
- Participate in incident response planning and execution related to application security incidents.
Qualifications:
- Bachelors degree in Computer Science Information Technology or a related field. Masters degree preferred.
- 8 years of experience in IT security with at least 5 years specializing in application security architecture.
- Deep understanding of enterprise application architectures microservices and API security principles.
- Strong knowledge of OWASP Top 10 SANS Top 25 and other industrystandard security frameworks.
- Expertise in secure software development practices and secure SDLC methodologies.
- Proficiency in cloud security architectures (AWS Azure GCP) and container security.
- Experience with identity and access management (IAM) solutions and federated authentication protocols.
- Familiarity with DevSecOps practices and tools.
- Strong understanding of cryptography and key management systems.
- Experience with security information and event management (SIEM) systems and log analysis.
- Knowledge of relevant compliance standards (e.g. PCI DSS HIPAA SOC 2 ISO 27001).
Additional Qualifications (Nice to Have):
- Relevant security certifications such as CISSP CSSLP CCSP or SABSA.
- Experience with threat modeling methodologies (e.g. STRIDE DREAD).
- Familiarity with application security testing tools (SAST DAST IAST).
- Understanding of network security principles and architectures.
- Experience with secure API gateway solutions and API management platforms.
- Knowledge of serverless architectures and their security implications.
- Familiarity with blockchain technology and associated security considerations.
Soft Skills:
- Excellent communication skills with the ability to explain complex security concepts to both technical and nontechnical audiences.
- Strong analytical and problemsolving skills.
- Ability to work collaboratively in crossfunctional teams.
- Leadership experience in driving security initiatives across an organization.
- Adaptability and willingness to learn new technologies and security approaches.
UrBench is an equal opportunity employer and is committed to creating a diverse environment. All qualified applicants will receive consideration for employment without regard to race color religion gender gender identity or expression sexual orientation national origin genetics pregnancy status as a parent disability age veteran status or other characteristics as defined by federal state or local laws.