---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Application Security Architect
Location: Poway, California, United States
Type: Permanent F/T
Closing Date: 2006-07-23
First Advantage Corporation (NASDAQ: FADV) combines industry expertise with
information to create products and services that organizations worldwide use to
make smarter business decisions. First Advantage is a leading provider of
business credit information in the transportation industry; consumer credit
information in the mortgage, automotive and subprime markets; motor vehicle
record reports; supply chain security consulting; employment background
verifications; occupational health services; applicant tracking systems;
business tax consulting services; insurance fraud, corporate and litigation
investigations; surveillance; computer forensics; electronic discovery; data
recovery; due diligence reporting; resident screening; property management
software; renters insurance and consumer location services. First Advantage
ranks among the top three companies in all of its major business lines. First
Advantage is headquartered in St. Petersburg, Fla., and has 3,300 employees in
offices throughout the United States and abroad. More information about
First Advantage can be found at www.FADV.com.
PRIMARY PURPOSE OF POSITION
Position is responsible for working with application developers, development
managers, application analysts, and business units towards the implementation
of technology controls and processes, risk mitigation techniques, and
standardized information security solutions for the Company’s in-house and
third-party applications.
ESSENTIAL JOB FUNCTIONS
The Sr. Application Security Lead role is to:
1. Perform security risk assessments and security exposure analysis of
business applications and databases.
2. Identify, document, and report security issues and concerns to
management. Follow-up on action items to resolve security exposures.
3. Act as an active advisor to business units and application development
teams and offer solutions to new risks and threats.
4. Contribute to the technical understanding and promotion of new and
existing information security standards, solutions and tools with respect to
applications (Web-based, Legacy, etc.) and databases.
5. Provide understanding of application security and software quality
assurance and influences application development teams (as well as business
units) in integrating security at the design and development phase.
6. Develop and enforce security requirements as part of the Company’s
application and system development lifecycle.
7. Develop and enforce security processes and/or methodologies to (1)
integrate security requirements within applications and databases; and (2)
monitor security settings within applications and databases.
8. Develop security policies, standards, procedures, and guidelines that
will assist the application development teams in integrating security
requirements within their applications and databases.
9. Provide clear and concise recommendations and guidance in written and
verbal form to both business and technology personnel.
10. Evaluate and participate in outsourcing initiatives and/or third-party
processing.
11. Provide training and advice to junior application security staff and/or
other non-security professionals, including staff in the business units.
12. Operate and evaluate code scanning and review tools.
13. Perform code and security settings reviews of applications and
databases.
14. Participate in application analysis and design sessions with the
application teams.
15. Direct and assist the Technical Architecture Group in establishing a
security infrastructure for the Business Units and their applications/databases.
16. Provide input to the Information Security awareness program.
17. Provide input to the annual security budget cycle.
18. Work effectively across a large organization with many business units
and requirements.
19. Performs other miscellaneous duties as assigned.
First Advantage Corporation is an Equal Opportunity/Affirmative Action employer
committed to diversity in our workforce. We are dedicated to attracting and
retaining the best-qualified people available, without regard to race, color,
religion, national origin, gender, sexual orientation, age, disability or
status as a veteran of the Armed Forces.
JOB REQUIREMENTS
---------------------------------------------------
JOB-RELATED QUALIFICATION STANDARDS
Education
BA/BS degree in Computer Information Systems or Business Management
Master’s degree in Computer Science or Business Management, or related
field a plus
Training courses, seminars, certifications (project management, application
analysis, design, development, and programming and/or security related
education experience preferred)
Knowledge / Skills
Must have hands on working knowledge of application analysis, design,
development, and programming
Must be familiar with and able to apply time proven generally accepted security
methods, concepts, and techniques
Ability to articulate security policies, procedures, and guidelines to all
levels of management and staff required
Excellent written and verbal communication skills
Ability to develop effective recommendations for security information assets
required
Good understanding of application security and development processes
Must have working knowledge of Web Services
Must be very familiar with risk analysis and risk management, cryptography,
firewalls, IP and Web and application/database security
Understanding of the security implications of the major regulations such as
Sarbanes-Oxley and CA Privacy Law SB 1386 a strong plus
Must be able to manage both time and work load without constant supervision
Work Experience
Seven to ten years in application/system analysis, design, development, and
programming required
Seven to ten years experience in information security or related fields a plus
Financial industry experience a strong plus
Project Management skills required
Audit background and/or consultant a strong plus
Licenses or Certificates
Industry certifications such as GIAC, CISSP etc. desirable but not necessary
Certifications in application analysis, design, development, and programming
preferred
Mental Demands
Excellent interpersonal communication, project management and leadership skills
Must be a team player
Must be able to communicate effectively and tactfully with managers and all
levels of personnel (in person, on the telephone and through written
communication)
Must be able to work with minimal supervision
Be a self-starter
Excellent analytical and problem solving skills
Must be able to work independently and in a team environment
Must be able to pay close attention to detail and understand written and oral
instructions
Must be able to handle multiple projects simultaneously
Must be able to prioritize multiple tasks and respond to emergencies
Must be able to work efficiently under time constraints
Must be able to understand technical manuals, software specifications, hardware
principles of operations, and systems software operations
Must be able to organize and schedule work effectively
Must have pleasant and professional attitude
Must be able to work flexible hours, including overtime, if and when necessary
CONTACT
---------------------------------------------------
Submit resumes to credcojobs@firstam.com with Job Title in the subject line.
First Advantage, Inc.
Dane Smith
Corporate Recruiter
dwsmith@fadv.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
