---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Application Security Architect
Location: Towson, Maryland, United States
Type: Permanent F/T
Closing Date: 2007-01-11
LEAD ECOMMERCE APPS SECURITY- Web Application Security
Client seeking to hire a full time
Lead ECommerce Applications Security for their Towson, MD location!!!! THere is
also a similar position in DC near metro!!!
This is a Fortune 500 WONDERFUL company full of technology. They are taking the
company to the next level and need to fill this position to help protect their
systems. They have the LATEST technology and open to ideas and suggestions at
meetings!!!!
PLUS: They will train on specific products - more interested in the
applicications security knowledge!!!!
*************************************************
What will you be doing:
* In a nutshell: You will be part of a fantastic top technology team that will
be implementing and creating a stardarized application security model in the
company for all applications that company brings into its company. It will
involve solutions design and integration.
* You will work collaboratively with solutions architects, application
developers and other project/IT stakeholders. Leverage level 2 architectural
information and produce level 3 or equivalent security design, and follow
through to the construction/implementation working closely with developers and
security administrations.
* Define methods and procedures to implement security for proprietary and third
party applications. Function as a security technical lead with respect to
integration of SOA/web service security, application governance layer, security
infrastructure layer, and backend (including mainframe) security.
* Provide technical subject matter expertise on improving security posture for
applications, defining and designing roles and privileges and guidance on the
best approach to building and application security capabilities, provide
assistance in building shared and reusable security layer for applications.
* Serve consultative resource to IT staff by performing or assisting with
system design in areas such as infrastructure, security, operations,
integration, execution and network, often spanning multiple heterogeneous
platforms, and particularly as these designs apply to new business drivers such
as eCommerce and other Web Technologies. Also performs or assists in problem
resolution, recommending alternative techniques and providing training and
guidance related to primary areas of responsibility and emerging technologies.
* Develop, coordinate and manage projects and project plans for development;
develop proposals and delivery tasks/issues.
* Technical and business writing; including formal/informal oral presentation;
Standards development.
* Functions as an Enterprise Applications integration specialist for
interoperability design and problem resolution related to business applications
and related middleware components.
* Performance monitoring, capacity planning, system tuning, availability
planning;
Design and implement next generation web and multi-tier solutions for new
applications and existing web-based and client-server application with minimal
assistance.
* Select, evaluate and recommend third-party software solutions for business
problems.
JOB REQUIREMENTS
---------------------------------------------------
Technical skills needed to get an interview:
===========================================
STRONG application security knowledge.
Preferably previous development background to really understand the security
layer of applications.
Identity management and Access management knowledge.
Be able to be part of a team to put together solutions for enterprise level
application security.
Technical skills: Proven track record of designing and delivering security for
host-based, client/server, and Internet/Intranet multi-tiered heterogeneous
application/infrastructures and environments.
Thorough knowledge of: (a) security associated with B2B/B2C, HIPAA and PHI
transactions (b) Internet/Web systems security, including SOA/Web service
security, PKI infrastructure and implementation, and security for testing and
governance tools. Ability to leverage existing security infrastructure (like
access controls, Firewalls, IDS/IPS, identity and access management, encryption
tools, Web Access Control/Management, LDAP etc) in designing and implementing
defense in-depth application security.
The following are considered as plus: (a) Knowledge of BMC (WAM and Control-SA)
and IBM (TIM/TAM eB) security products/tools (b) Knowledge of Tibco Business
Connect and Tibco Business Works or other EAI and B2B gateways products/tools
(c) Knowledge of healthcare insurance related IT applications.
CONTACT
---------------------------------------------------
Please send resume in a WORD document to robin@executivelevels.com. THEY WILL
INTERVIEW ASAP!
Robin Owens-Wright
robin@executivelevels.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
