Naukrijobs UK
Register
London Jobs
Manchester Jobs
Liverpool Jobs
Nottingham Jobs
Birmingham Jobs
Cambridge Jobs
Glasgow Jobs
Bristol Jobs
Wales Jobs
Oil & Gas Jobs
Banking Jobs
Construction Jobs
Top Management Jobs
IT - Software Jobs
Medical Healthcare Jobs
Purchase / Logistics Jobs
Sales
Ajax Jobs
Designing Jobs
ASP .NET Jobs
Java Jobs
MySQL Jobs
Sap hr Jobs
Software Testing Jobs
Html Jobs
IT Jobs
Logistics Jobs
Customer Service Jobs
Airport Jobs
Banking Jobs
Driver Jobs
Part Time Jobs
Civil Engineering Jobs
Accountant Jobs
Safety Officer Jobs
Nursing Jobs
Civil Engineering Jobs
Hospitality Jobs
Part Time Jobs
Security Jobs
Finance Jobs
Marketing Jobs
Shipping Jobs
Real Estate Jobs
Telecom Jobs

Senior Application Security Architect

Appcast Enterprise
Job LocationSunbury-on-Thames
EducationNot Mentioned
SalaryCompetitive salary
IndustryNot Mentioned
Functional AreaNot Mentioned
Job TypePermanent , full-time

Job Description

Job Details What you will doThe future is being built today, and Johnson Controls is making that future safer, greener, efficient building solutions and services. We are harnessing the power of cloud, data analytics, the Internet of Things, and user design to deliver on the promiseof intelligent buildings and smart cities that connect communities in ways that make people’s lives – and the world – better.In this career defining opportunity within the Global Product Security organization, you will drive continuous improvement initiatives aligned to our cybersecurity maturity framework and roadmap, ensuring proactive management of security and data privacyrisk across the full lifecycle of our products, platforms, and service offerings. You will apply your expertise in secure software development practices to ensure security and privacy by design requirements are fulfilled and that products, solutions, and servicesare released to market with strong cybersecurity.How you will do it

  • Provide cybersecurity expertise and guidance to product development teams and business leaders throughout all phases of the software development life cycle.
  • Architect security and privacy by design and secure-by-default into the entire stack from design through operations in the cloud.
  • Drive secure SDLC activities -- requirements, architectures, threat models, SAST, DAST, penetration testing
  • Specify and design secure operations features for platforms
  • Review security policies, standards, and metrics to drive improvements
  • Quantify residual product risk and identify appropriate security controls.
  • Review changes made via the DevOps pipeline and processes
  • Develop methodologies and processes that align product risk assessments to DevOps
  • Review product architectures for security design gaps and vulnerabilities and consult with product teams to remediate or mitigate cyber risk.
  • Assist coordination of penetration testing engagements with product teams.
  • Help engineers and product managers identify solutions to meet cybersecurity requirements.
  • Help business leaders understand security risks during resource planning.
  • Assist coordination and tracking of vulnerability remediation activities.
  • Support reporting to executive leadership on the status of product security, risks, mitigations, and trends.
  • Use agile project management to manage resources and track milestones and deliverables.
  • Identify cybersecurity features that enhance developer and customer experiences.
What we look forRequired:
  • Bachelor’s or higher degree in engineering, cybersecurity, or related technical degree
  • Minimum 10 years of product or application cybersecurity experience
  • Expert knowledge and practical product and software security experience, including secure SDLC practices, defense-in-depth design architectures, and secure by default configurations
  • 5 years of experience delivering results using agile methodologies and tools
  • 3 years of experience supporting software security governance and compliance activities, i.e. metrics, assessments, audits, exercises, risk frameworks, and maturity models
  • 2 + years experience with Cloud technologies;
  • Ability to build trust with stakeholders and explain complex security topics to all audiences
Preferred:
  • CSSLP, CISSP, CCSP, OSCP, CEH or other cybersecurity certifications
  • Masters degree in Cybersecurity, Computer Science, Engineering, or Information Systems
  • 2 years of experience with technology risk management related frameworks such as RMF, NIST 800-53, ISA/IEC 62443, UL CAP, ISO 27001, GDPR, CSL, SOC 2 or other comparable
  • Demonstrated ability to lead change initiatives that intelligently manage software security
  • Strong problem-solving skills to analyze cybersecurity issues and requirements (legal/regulatory, policy, customer, industry standards) and relate them to appropriate security controls
  • Practical experience with operating systems
  • Practical experience with programming and scripting languages
  • Practical experience security tools
  • Practical experience building multi-tenant platforms or service offerings

APPLY NOW

Senior Application Security Architect Related Jobs

© 2019 Naukrijobs All Rights Reserved