Security Architect
Ascendion
- New York, New York, United States
- New York, New York, United States
About
Remote
About Ascendion Ascendion is a full-service digital engineering solutions company. We make and manage software platforms and products that power growth and deliver captivating experiences to consumers and employees. Our engineering, cloud, data, experience design, and talent solution capabilities accelerate transformation and impact for enterprise clients. Headquartered in New Jersey, our workforce of 6,000+ Ascenders delivers solutions from around the globe. Ascendion is built differently to engineer the next.
Engineering to elevate life
Key Responsibilities
Interact with client stakeholders to understand Business and Technology constructs. Understand Security, Privacy and Compliance requirements in context of DevSecOps.
Create a custom Threat Model by curating features from industry leading models such as STRIDE, ATT&CK, PASTA, and LINDDUN.
Create Threat Modelling methodology consisting of Process, Techniques & Tips.
Create BIA, PIA, and Risk/BCV assessment frameworks as per the client Business and Technology landscape by leveraging industry leading frameworks.
Perform end to end BIA, PIA, and Risk/BCV assessments for enterprise solutions.
Develop a catalogue of Security Controls to be leveraged for designing security of enterprise solutions. Develop controls selection criteria and Design considerations.
Define security testing frameworks (manual, automated, SAST, DAST) and oversee testing activities.
Create incident monitoring and response templates and perform monitoring setup, incident handling, and readiness activities.
Undertake reviews of developed frameworks with client stakeholders and incorporate inputs.
Undertake trainings for client teams on developed frameworks and materials.
Skills Required
In depth knowledge of DevSecOps/Application Security Management
Must have spent 3-5 years in DevSecOps/Application security Management.
Hands on with threat modelling, BIA, PIA and risk management
Excellent knowledge of security control frameworks (ISO 27001, NIST CSF, CIS, ATT&CK)
Excellent knowledge of privacy controls (OECD, ISO 27701)
Must have consulting background of 5+ years
Good to have certification such as CISSP, CISM, CRISC, CSSLP, E|CDE, CDP, GCSA
Salary Range The salary for this position is between $120,000 - $150,000 annually. Factors which may affect pay within this range may include geography/market, skill, education, experience, and other qualifications of the successful candidate.
Benefits The Company offers the following benefits for this position, subject to applicable eligibility requirements: [medical insurance] [dental insurance] [vision insurance] [401(k) retirement plan] [long-term disability insurance] [short-term disability insurance] [5 personal day accrued each calendar year. The paid time off benefits meet the paid sick and safe time laws that pertains to the City/ State] [10-15 day of paid vacation time] [6 paid holiday and 1 floating holiday per calendar year] [Ascendion Learning Management System]
Seniority Level Mid-Senior level
Employment Type Full-time
Industries Technology, Information and Internet and Retail
#J-18808-Ljbffr
Languages
- English
Notice for Users
This job comes from a TieTalent partner platform. Click "Apply Now" to submit your application directly on their site.