Application Security Architect

ServiceMaster   •  

Memphis, TN

5 - 7 years

Posted 215 days ago

This job is no longer available.

Job Description

As part of ServiceMaster Information Security, the Application Security Architect enables our software development and business teams to achieve their objectives with informed decisions that balance risk with business opportunity. The candidate must provide actionable security strategies, architectures and solutions. ServiceMaster is seeking a talented information security professional who will make significant contributions to the application security domain.Successful candidate will:• Take strategic ownership of the application security architecture domain• Collaborate with security and technical domain experts, internal customers and key external partners on application security related initiatives, projects, and new technology development to identify risks, define and drive strategies, and recommend mitigating controls.• Enable improved business product delivery velocity through improving information security alignment within all our development programs, reducing security incidents/rework, driving automation and integrated security processes.Required Qualifications • 5+ years of information technology systems design and planning experience; in systems, applications, or architecture• 3+ years of information security experience• 3+ years of secure SDLC and/or Agile methodologies experience• 1+ year of design pattern experience • Experience in secure application development with one or more programming languages (Java, C/C++, C#, ObjC, etc.), scripting languages (JavaScript/JScript, ASP/JSP, Perl, etc.), runtime platforms and frameworks (J2EE, .NET, LAMP, etc.), distributed protocols (XML, SOAP, DCOM, RMI, etc.), and their unique security vulnerabilities.• Experience in developing/deploying mobile applications (iOS, Android, Chromium)• Single-Page Applications and frameworks (AngularJS, NodeJS, etc.) Desired Qualifications • Experience influencing management on technical or business solutions• Experience with a wide application of technical principles, practices, and procedures to multiple applications or a component family• Excellent verbal, written, and interpersonal communication skills• Ability to interact with all levels of an organization• Ability to influence and build relationships with LOB stakeholders, technology CIO leadership, external service providers, and architecture teams• Knowledge and understanding of threat analysis and assessment of potential and current information security risk/threats• Web application security vulnerability detection and mitigation experience• Knowledge and understanding of application or software security such as: static and dynamic code scanning, web application penetration testing, secure code review, secure static code analysis• Knowledge and understanding of monitoring the development of security vulnerabilities, threats, exposures, associated risk, and mitigating solutions• Knowledge and understanding of cryptography and key management• Knowledge and understanding of web services, SOA (Services Oriented Architecture), microservices, and API biased architectures• Experience in Agile Development, DevOps methodologies and patterns.• Knowledge and understanding of diverse platforms and operating systems, including current and emerging technologies• Experience delivering sound security strategy to web applications Other Desired Qualifications • Familiarity with securing database platforms such as Oracle, SQL Server, DB2, and nonrelational databases (MongoDB, Hadoop, etc.)• Familiarity with cloud and virtualization technologies, including containerization and serverless deployments.• Familiarity with software development/deployment methodologies including agile, Continuous Integration/Continuous Deployment (CI/CD), DevOps, and secDevOps• Familiarity with OWASP, NIST, ISO, PCI DSS, CLASP, CVE, WASC• Security certifications such as CISSP, CSSLP, ISSAP, ISSMP, GWEB, GSEC, GPEN

The above statements are intended to describe the general nature and level of work being performed by associates assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities from time to time, as needed.

ServiceMaster is committed to Diversity and Inclusion. We encourage diverse candidates to apply to this position.

An Equal Opportunity/Affirmative Action Employer – of Minorities/Females/Veterans/Individuals with Disability/Sexual Orientation/Gender Identity.