Information Security - Senior Application Security Architect (SASA)
The Application Security Architect (ASA) will provide lifecycle information security support to key Franchise and other designated application development teams. Key responsibilities for this role will be to engage in the initial requirements definition (including analysis of threats and risks and alignment with Citi IS and Architecture standards); conduct and facilitate security reviews including SSDLC testing requirements throughout the development lifecycle; facilitate "table-top"/red-team/scenario analysis exercises in conjunction with other SME's; and plan the resolution of any identified vulnerabilities/issues. They will monitor changes in the risk profile and exposure for the application, perform regular assessments based on changes in the threat landscape and on Citi and industry incidents, and review all proposed changes to ensure that effective controls remain in effect! .
This role will also work with the CTO and Global IS organization to identify potential requirements/enhancements to IS and IT standards, tools, and processes based on the results of the work with the ASA's applications.
This role will also assist other application teams and IS functions including in the following areas: Provide ad-hoc security advice; Support technical risk assessments; Assist Security Incident Response Teams in the investigation of incidents; Assist the system development and infrastructure units in identifying IS risks and the appropriate controls for development, day-to-day operation, and emerging technologies.
Additional skills critical to this role: In depth, hands-on understanding of application architectures and technology (including web applications, mobile technology, web 2.0 technology, identity and access management); Thorough understanding of industry and corporate technology standards for Informati! on Security; detailed familiarity with security hacking tools ! and techniques; Strong understanding of business processes in support of online and mobile channels for financial industries; Strong judgment and decision-making skills; Excellent skills in preparing and present strategies, recommendations, and value propositions to senior leadership teams.
Apply for this job vacancy
No comments:
Post a Comment