Senior Application Security Architect
Company: Disability Solutions
Location: Denver
Posted on: October 27, 2024
Job Description:
Job Description:At Bank of America, we are guided by a common
purpose to help make financial lives better through the power of
every connection. Responsible Growth is how we run our company and
how we deliver for our clients, teammates, communities and
shareholders every day.One of the keys to driving Responsible
Growth is being a great place to work for our teammates around the
world. We're devoted to being a diverse and inclusive workplace for
everyone. We hire individuals with a broad range of backgrounds and
experiences and invest heavily in our teammates and their families
by offering competitive benefits to support their physical,
emotional, and financial well-being.Bank of America believes both
in the importance of working together and offering flexibility to
our employees. We use a multi-faceted approach for flexibility,
depending on the various roles in our organization.Working at Bank
of America will give you a great career with opportunities to
learn, grow and make an impact, along with the power to make a
difference. Join us!Job Description:The architect is responsible
for leading the effort to develop and maintain the application
security blueprint for the bank by engaging with Global Information
Security (GIS) product managers, security architects, solution
architects, enterprise architects, and analysts to identify and
capture artifacts of application security architecture, end to end
application security controls in SDLC processes, process
interconnections, and technology interaction points as well as the
product roadmaps. The architect will work with the teams across GIS
application security domain to develop and document the application
security architectural strategy and evaluate the current
architectural level.The architect will be responsible for leading
the solution design effort and provide specific practitioner
guidance to remediate the defects identified using SAST, DAST or
other programmatic technology by working closely with development
community, GIS Application Development Security Framework teams,
application security governance team and other security architects.
The architect will manage and maintain the application security
defect remediation knowledgebase and update the artifact as needed.
The architect will participate the security assessments for various
emerging technologies, such as blockchain/DLT, GenAI, and
Postquantum to provide input from application security
perspective.With a background in security of specific technologies,
the architect will share experience and expertise with team members
and will participate in peer reviews of execution and delivery of
application security architecture services.Primary
Responsibilities
- Engage technology teams, security architects, solution
architects, enterprise architects and application architects to
identify and understand significant application security
architectures used at the bank
- Lead the technology architectural strategy development for GIS
Application Security domain.
- Lead the development and annual refresh of GIS application
security blueprint and capability model updates.
- Manage and update an enterprise library of application security
defect remediation guidance
- Contribute to security risk assessment and study for the
emerging technologies.
- Pro-actively engage stakeholders, including development
managers, developers, architects, and governance bodies in the Bank
to achieve security objectives
- Regularly interact with senior technology and business
management, requiring the ability to explain complex technical
matters in a way both technical and non-technical personnel can
understand
- Manage business partner relationships to deliver a seamless and
responsive workflow
- Align with information security architects to understand the
trajectory of evolving information security control technologies
and processesRequired Skills
- 10 -15 years of progressive experience in application security
and / or software development, at least 2 years of experience in
application security
- Knowledge of one or more enterprise application platforms and
secure development in the same
- Knowledge of relevant standards, including IETF (e.g., HTTP,
TLS, and networking), W3 (e.g., HTML, JavaScript, DOM) as well as
platform-specific standards
- Exposure to application security testing techniques
- Able to read and write software in at least one programming
language such as C, C++, .Net, Java, Python
- Comprehensive understanding of at least one application
security life cycle, up to and including operations, maintenance
and decommissioning
- Knowledge of at least one application security testing
methodology / approach, including formal methods, system level
security, SAST / DAST, threat modeling, ethical hacking and
crowd-sourcing
- Experience with business planning, governance and management of
application development or application security functions at a
systemically important financial institution
- Ability to document and summarize the solutions and guidelines
around application security and associated topicsDesired Skills:
- Bachelor's degree or higher in CS, IT, a related technical or
engineering field
- Application development or security testing experience
- Experience working in the financial sector
- CISSP or similar professional certification, or commensurate
experience
- Technical writing skills
- Cyber security experience at a systemically important financial
institution
- Experience working at a bank, credit union, money services
business, or similar
- Experience with online collaboration tools and technologies
such as SharePoint, Slack, HipChat, video conferencing
- Experience with source control, agile development, bug
tracking, build automation, and change control platforms
- Experience with dynamic application security defensive
technology, such as WAF, RASP, and compiler security mechanisms and
language-theoretic security
- Knowledge of NIST 800 series, FIPS standards, ISO 27000 series,
CSA and related standardsThis job will be open and accepting
applications for a minimum of seven days from the date it was
posted.Shift:1st shift (United States of America)Hours Per Week:
40Pay Transparency detailsUS - CO - Denver - 1144 15th St (CO9926),
US - DC - Washington - 1800 K St NW - 1800 K Street NW (DC1842)Pay
and benefits informationPay range$135,600.00 - $202,000.00
annualized salary, offers to be determined based on experience,
education and skill set.Discretionary incentive eligibleThis role
is eligible to participate in the annual discretionary plan.
Employees are eligible for an annual discretionary award based on
their overall individual performance results and behaviors, the
performance and contributions of their line of business and/or
group; and the overall success of the Company.BenefitsThis role is
currently benefits eligible. We provide industry-leading benefits,
access to paid time off, resources and support to our employees so
they can make a genuine impact and contribute to the sustainable
growth of our business and the communities we serve.
Keywords: Disability Solutions, Centennial , Senior Application Security Architect, Other , Denver, Colorado
Didn't find what you're looking for? Search again!
Loading more jobs...