Applications Security Architect (Insurance)

Job Description

Our Client is a reputable insurance group which continues to see growth through business acquisition and has a number of operating businesses under a group structure and offers an exciting opportunity for an Applications Security Architect to join theirIT Team.As Applications Security Architect you will work as part of our Clients broader Enterprise Architecture Team working with the Software Development and Applications Management team on designs specifically around ASA.Your primary focus will be to implementsecurity at the early stages so that vulnerabilities can be easily remediated and speed up the software development lifecycle. You will be responsible for meeting the application security needs of the business within their development pipelines. You will demonstratethe history of enterprise application risk management while providing high-quality security guidance and timely issue resolution.Responsibilities

• Design, develop and implement application security services for development and project delivery teams to enforce security standards.
• Documents, tests, integrates, debugs, conducts research, and analyse security flaws or vulnerabilities in software, systems, applications and provides mitigation strategies
• Collaborate with stakeholders in evaluating security processes including product reviews, proof of concept, pilot installations, and security vulnerabilities to provide and maintain maximum SME- level application security.
• Explanation of the security requirements to the design team in the initial stages to minimize the efforts to rework issues identified during penetration tests.
• Effectively communicate findings, attack paths, and recommendations to technical and executive client stakeholders through written reports and verbal presentations.
• Analyze and monitor required measures to ensure the integrity of data network resources performance and security.
• Participate in design and planning exercises for future software rollouts.
• Manage all phases of application lifecycle including requirements analysis, application design, construction, quality control-testing, deployment and integration, troubleshooting, and change management
• Design, Build and Integrate solutions with a strong focus on cloud, Kubernetes, Salesforce, and Force.com application security models, composite applications with a hybrid deployment model for globally distributed architectures
• Work closely with team members from IT, other business units, and vendors to ensure new systems, applications, subscriptions, services, and processes meet security and vulnerability management requirements.
• Recommend industry best practices for vulnerability and threat management remediation.
• Ensure that the organization stays current with new and emerging threats, security risks, and potential impacts on the business.

Skills and experience

• Bachelors degree in Information Technology, Computer Science or a related Science & Technology or Engineering discipline
• Ideally 10+ years of experience working in security architecture roles
• Minimum of 3 years of experience in software development roles
• Minimum of 5 years of experience in security design
• Good understanding of SEI ATAM and ability to apply trade-off analysis
• Strong solution analysis and design skills
• Strong full-SDLC, (SAMM) and OWASP experience
• Knowledge of ITIL and IT governance frameworks
• Excellent communication skills, both written and verbal
• Familiarity and comfort in using web conferencing and collaboration tools and applications such as Teams, Zoom, Whatsapp, Cisco Webex, etc.
• Azure Cloud & Dev/Ops
• CISSP-ISSAP
• CREST Registered Technical Security Architecture (CRTSA) or GIAC
• Defensible Security Architecture (GDSA)

Location: Central London + WFHSalary: < £100,000 salary per annum+ Benefits (bonus program, 25 days paid holiday, private medical, good pension & more)Term: PermanentDo not let this opportunity pass you by, please forward CV details for immediate consideration and interview.

Keyskills :
Application SecurityASAComputer ScienceITILBest Practices