Senior Application Security Architect – EMEA (UK, SP, other)
ADP is hiring a Senior Application Security Architect
Are you empathetic to client needs and inspired by transformation and impacting the lives of millions of people every day?
Well, this may be the role for you. Ready to securely design what's next?
In this role, you will work alongside passionate IT security practitioners and product development teams to enforce and deploy best product security architecture practices.
You will join the Product Security team within ADP’s Global Security Organization (GSO) that is delivering consulting services and is responsible for influencing developers and architects in securing ADP’s applications and products globally. The application security architects within the team have strong application security skills to design in proper security, risk, and privacy controls for ADP applications.
The candidate will intervene as a security referent with R&D teams (architects, product managers, development engineers) to address security issues related to architecture design (cloud and on-prem), development practices, and application vulnerabilities, with a focus on Threat Modeling.
The application security architect will participate in cybersecurity projects or initiatives aimed at improving the security culture among development teams, or to deliver new security standards according to the evolution of technologies and risks.
You will conduct technical analysis of application security and business security problems, as well as threats and incidents. You have experience explaining the prioritization of the security controls to be integrated as part of our Secure by Design model that internal teams will understand. As the architect partnered with all R&D teams at ADP, you must also have the ability to communicate well, motivate and influence cross-functional teams.
WHAT YOU'LL DO:
* Consulting: You will provide consulting services to software development teams on existing or new application architectures to help identify security needs, ensure compliance with security standards, and apply secure design patterns and best practices in software development.
* Application Security Architecture Reviews: You will conduct security reviews of ADP solution designs and architectures to identify potential threats and the security controls to implement, including using the Threat Modeling methodology.
* Influence on Developers and Architects: Communicate, gather, and collaborate with developers and architects from ADP development teams to adopt security principles in their practices throughout the software lifecycle.
* Prioritization Skills: You will prioritize technical controls based on the criticality of risks, ensuring that solution architects focus on the most critical standards and controls.
* Security Technology: Participate in strategic projects aimed at providing comprehensive security solutions to enhance the security posture of web applications and APIs.
* Continuous Learning: Keep up with the constantly evolving technologies and threat landscape, maintaining your ability to assess new technologies and newly developed products.
* Policies and Standards: Collaborate in maintaining and improving policies, standards, and best practices for application security.
TO SUCCEED IN THIS ROLE:
* You have 8+ years of experience in relevant skills gained and developed in the same or similar role.
* Experience in application security architecture in enterprise-class organizations.
* Expertise in application development across multiple languages and platforms.
* Experience in securing cloud environments (AWS, Azure, GCP) and containers.
* Must possess significant knowledge of Application Security, Web Application Design, Information Security, Databases, and Common Coding practices.
* Experience creating technical security policies and standards.
* Expertise in building application-level Security, Risk, and Privacy controls into cloud applications.
* Knowledge of data encryption and key management.
* Knowledge of Identity and Access Management systems.
* Ability to perform risk assessments and threat modeling (like STRIDE model).
* Must be able to function in a dynamic environment subject to impromptu changes in schedules and priorities.
* Demonstrate well-developed organizational, written communication, and analytical skills.
* Knowledge of NIST Cybersecurity Framework, OWASP SAMM, OW
#J-18808-Ljbffr