Offres d'emploi
Trouvez des postes près de chez vous, sur site, hybrides ou à distance.- Emplois similaires à : Application & Platform Security Architect
Application & Platform Security Architect
AllerganAustinCompany Description About AbbVie AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. W
Application Security Architect
Daley and AssociatesBostonApplication Security Architect Our client, a Boston-based financial services firm, has an immediate need for an Application Security Architect to join their team on a 6-month contract to start, onsite
Senior Application Security Architect
TekgenceCharlotte1 day ago Be among the first 25 applicants Direct message the job poster from Tekgence Inc We are seeking a highly skilled and experienced Application Security Architect with strong DevSecOps expertis
Staff Application Security Architect
United States Digital Space LLCBostonUnited States Digital Space LLC in Boston seeks a Staff Application Security Engineer to set the technical direction for application security at scale. In this pivotal role, you'll define frameworks a
Senior Application Security Architect Secure by Design
HobbsnewsDenverHobbsnews in Denver, CO, is looking for an experienced Application Security Solution Architect to drive collaboration across teams to enhance security adherence. The role involves analyzing and optimi
Application Security Analyst
Consumers Credit UnionLake ForestJoin a Great Place to Work certified company - our Information Security Team is seeking an Application Security Analyst !Are you passionate about securing applications and helping development teams bu
Lead Application Security Architect Secure SDLC & Architecture
PayActiv IncMilpitasPayactiv, Inc. is seeking a Senior Application Security Architect to lead security architecture and ensure secure software development through established protocols. You will evaluate system architect
Application Security Analyst
StellantisAuburn HillsThis role focuses on identifying, analyzing, and mitigating application security vulnerabilities throughout the SDLC. It supports a broader “Shift Left” cybersecurity strategy, ensuring security i
Mobile Security Engineer & Platform Architect
Clough AMECBuffalo GroveClough AMEC. is seeking a Mobile & Platform Engineer in Buffalo Grove, IL. This contract opportunity involves providing architecture and technical leadership across mobile and backend components. The
Software Architect III - Security & AI, Web Application Development
Eliassen GroupCentennialDescription: Hybrid 4 onsite / 1 work from home in Greenwood Village, COOur client seeks a Software Architect III to design and deliver secure, scalable cloud-native web application platforms on AWS.
Lead Application Security Analyst
National BankMontrealA career as a DevSecOps lead on the Asset Protection team at National Bank means serving as a specialist in application security, vulnerability management and DevSecOps practises. This position allows
Senior Application Security Analyst
Braxton-Grant Technologies, Inc. (BGCyberTech)AnnapolisDue to contract requirements, United States Citizenship is required for this role.Key Responsibilities:Lead secure application development practices across the software development lifecycle (SDLC).Co
Firmware Security Architect: Secure Platform Trailblazer
Jabil MalaysiaAustinJabil Malaysia in Austin is seeking a Firmware Security System Architect to lead security strategies across Cloud, Compute, and Networking product lines. The position requires over 15 years of experie
Application Security Pentester, Specialist
VanguardUnited StatesApplication Security Pentester, SpecialistApply (https://vanguard.wd5.myworkdayjobs.com/en-US/vanguard_external/job/Malvern-PA/Application-Security-Pentester--Specialist_178004/apply)locationsMalvern,
ERP Application Security Analyst
Caterpillar Financial Service CorpEast PeoriaCareer Area: Technology, Digital and DataJob Description:Your Work Shapes the World at Caterpillar Inc.When you join Caterpillar, you're joining a global team who cares not just about the work we do –
Application Compliance & Security Lead
Johns Hopkins Applied Physics Laboratory (APL)LaurelDescriptionAre you an authority in application security and compliance requirements, with experience in software development and tooling like SAST, DAST, and vulnerability analysis? Do you thrive in a
Sales Strategist - Application Security
Armis SecuritySan FranciscoSales Strategist - Application SecurityArmis, the cyber exposure management & security company, protects the entire attack surface and manages an organization's cyber risk exposure in real time. In a
Senior Data Security Architect (Data Platform Security)
McKessonColumbusMcKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible
IAM Platform Architect | Cloud, DevOps & Security
The Elevance Health Companies, Inc.AtlantaThe Elevance Health Companies, Inc. is seeking a Senior Developer for Identity and Access Management in Atlanta, Georgia. This role requires a blend of in-office collaboration and flexibility, with op
Remote Atlassian Cloud Architect - Platform & Security
CrowdStrike Holdings, Inc.CaliforniaCrowdStrike Holdings, Inc. is looking for an Atlassian Cloud Architect to oversee the design and maintenance of its Atlassian Cloud platform used by over 12,000 employees. You will drive platform gove
Firmware Security Architect: Compliance & Platform Planning
Plasticos Castella SAAustinPlasticos Castella SA is seeking a Firmware Security System Architect to drive the security strategy for firmware across various product lines. In this role, you will define security architecture stan
Cloud Security Architect & Platform Integration Lead
LPL FinancialAustinLPL Financial LLC is looking for a skilled Technical Leader to enhance integration, optimization, and interoperability within security technologies. Located in Austin, TX, this role encompasses engine
Consultant, Momentum Application Security Analyst
PowerToFlyVirginiaOur Deloitte Finance Transformation team practices to help chief financial officers, controllers, and finance teams define and execute their finance and global business services agendas and strategies
Platform Security Architect - Threat Modeling & Ecosystem
AppleNew YorkApple Inc. is seeking a Platform Architect - Security who will lead security architecture efforts and collaborate with diverse teams throughout product development. This role focuses on creating secur
Platform Security Architect - Lead Threat Modeling
AppleCupertinoApple Inc. is seeking a Platform Architect - Security in Cupertino, California. This role involves leading cross-functional teams to design and implement security architectures for Apple's cutting-edg
Application & Platform Security Architect
- Austin, Texas, United States
- Austin, Texas, United States
À propos
Job Description The Application & Platform Security Architecti s a member of the Information Security team and works closely with other members of the team to develop and implement a comprehensive information security program. This includes defining security policies, processes, and standards. We areseekinga highly skilled architect to collaborate with application development teams, ensuring secure design, coding, configuration, and deployment of technology solutions. The architect will not only focus on common security mechanisms like encryption and authentication but will also dive into application-level risks, session management, securing configuration files, and risk identification in system configurations. This role requires a deep understanding of secure application development practices, including the security of API interactions and cloud application environments.
Responsibilities
Define reusable security architecture patterns and guardrails to enable consistent, secure implementation across high-risk business applications.
Drive secure-by-design initiatives by integrating security considerations early in the software architecture lifecycle and influencing enterprise architecture direction.
Represent security architecture in design authority boards and technical review councils, advocating for risk-based security controls.
Work with in-business IT customers, including application architects and engineers to evaluate application software and infrastructure designs, for the purpose of defining/designing application controls aligned with enterprise standards.
Define application-specific security control architectures and produce design artifacts to guide secure implementation of business-critical systems.
Develop re-usable implementation guidance and design patterns based onpreviousengagements to scale the service.
Work with information security leadership to develop strategies and plans to enforce security requirements and addressidentifiedrisks in the infrastructure and applications.
Act as a security architecture liaison to IT delivery and engineering teams, embeddingsecurity principles into technical delivery and architecture review forums.
Support security aspects of business & IT initiatives byassistingin architecture, design, implementation, deployment, and operational transition of innovative & secure technology solutions.
Work with information security leadership to develop strategies and plans to enforce security requirements and addressidentifiedrisks in the infrastructure.
Research, evaluate, design, test, recommend and plan the implementation of new or updated information security technologies.
Establishcollaborative working relations with the Information Technology functions to ensure that solutions align with security architecture and business strategy.
Play an advisory role in application development or acquisition projects to assess security requirements and controls and to ensure that security controls are implemented as planned. Complete remediation activities and initiate actions to ensure that compliance and security gaps are successfully addressed.
Research and assessnew informationsecurity threats and recommend remedial actions.
Foster an information security culture through education, skill development, and implementation of effective information security processes and practices.
Understand and adhere to corporate standards regarding applicable Corporate and Divisional Policies, including code of conduct, safety,GxPcompliance, data security, and the software development lifecycle.
Matures and leverages relationships with affiliates, subsidiaries, vendors, and industry peers in accordance with AbbVie Values, Vendor Management Office, and Purchasing to further the mission, vision, and goals of the organization.
Design the security architecture for applications, ensuring all components meet best practices and regulatory compliance.
Work closely with software development, DevOps, and operations teams to integrate security into the software development lifecycle (SDLC).
Lead efforts inidentifyingpotential threats through application threat modeling and propose design changes to mitigate risks.
Required Qualifications
Bachelor’s degree and 9 years ofexperienceOR Master’s Degree and 8 years ofexperienceOR PhD and 4 years of experience in information security and/or related functions (IT Audit, Risk Management or Security Architecture).
Must havedemonstratedexceptional ability to assess and communicate information security concepts and practices, with both business and IT stakeholders.
Requires in-depth knowledge of the systems development life cycle, clientarea’sfunctions and systems, and systems applications programs development technological alternatives.
Proven implementation of creative technology solutions that advance the business.
Relevant work experience is important for successful performance of this role due to the complexity of our global IT Security environment.
Strong understanding of application security principles, including OWASP Top 10, SANS/CWE Top 25, and secure coding practices.
Expertise in secure session management, token handling, and authentication mechanisms (OAuth, SAML, OpenID Connect).
Knowledge of cryptographic practices, encryption protocols, and PKI management.
Experience with containerization (Docker, Kubernetes) and cloud platforms (AWS, Azure, GCP).
Familiarity with tools for code analysis (e.g., SonarQube, Veracode) and vulnerability scanning (e.g., Burp Suite, Nessus).
Understanding ofDevSecOpspractices, including securing CI/CD pipelines.
Self-starter with the ability to work independently and manage multiple projects simultaneously.
Strong problem-solving and analytical skills with the ability toidentifysecurity risks andpropose effective solutions.
Ability to work collaboratively in cross-functional teams and influence technical teams towards secure implementations.
Understanding of cloud computing principles, including virtualization, containerization, microservices, and serverless computing; Risk Management, container security, Kubernetes security, IAM security, network security, auditing, encryption, secrets management and data protection, securing CI/CD.
Advanced knowledge of Identity Security concepts, least-privilege, separation of duties, and Zero trust design principles.
Understanding of federation technologies (WS-Fed, OAuth, OpenID connect, SAML …) and of encryption technologies (encryption types and protocols/standards).
Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project.
Significant SOX and HIPAA experience in dealing with IT general controls (ITGC),demonstratedthrough hands-on audit, remediation, and/or computer system validation.
Excellent understanding of current Information Security & Architecture trends and their impact on business strategiesincludingkey Information Security vendors and solutions, auditorganizations,and influential market research firms.
Excellent communications and influencing skills withstrongability to balance differing stakeholder interests through sound analysis and persuasion.
Strong people skills, collaborative ability to work with IT stakeholders inside and outside of the organization, able to mentor team members with diverse backgrounds.
Thorough understanding of Information Security frameworks and good practices (e.g.,ISO, NIST), and proven ability to strike a balance between an academic and pragmatic approach.
Preferred Qualifications
Information securityqualifications such as CISSP are preferred but not required.
Understanding the following concepts is a plus; identity management, federated identity services, incident management, access control, application vulnerability testing, public key infrastructure, Windows, and Unix/Linux, public cloud infrastructure, and services.
Additional Information
The compensation range described below is the range of possible base pay compensation that the Company believes in good faith it will pay for this role at the time of this posting based on the job grade for this position. Individual compensation paid within this range will depend on many factors including geographic location, and we may ultimately pay more or less than the posted range. This range may be modified in the future.
We offer a comprehensive package of benefits including paid time off (vacation, holidays, sick), medical/dental/vision insurance and 401(k) to eligible employees.
This job is eligible to participate in our long-term incentive programs.
Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, incentive, benefits, or any other form of compensation and benefits that are allocable to a particular employer remains in the Company's sole and absolute discretion unless and until paid and may be modified at the Company’s sole and absolute discretion, consistent with applicable law.
AbbVie is an equal opportunity employer and is committed to operating with integrity, driving innovation, transforming lives and serving our community. Equal Opportunity Employer/Veterans/Disabled.
US & Puerto Rico only - to learn more, visit https://www.abbvie.com/join-us/equal-employment-opportunity-employer.html
US & Puerto Rico applicants seeking a reasonable accommodation, click here to learn more: https://www.abbvie.com/join-us/reasonable-accommodations.html
#J-18808-Ljbffr
Compétences linguistiques
- English
Cette offre provient d’une plateforme partenaire de TieTalent. Cliquez sur « Postuler maintenant » pour soumettre votre candidature directement sur leur site.