Expoint - all jobs in one place

The point where experts and best companies meet

Limitless High-tech career opportunities - Expoint

Bank Of America Senior Application Security Architect 
United States, Colorado, Denver 
813016642

29.08.2024

Job Description:

Job Description:

The architect will participate the security assessments for various emerging technologies, such as blockchain/DLT, GenAI, and Postquantum to provide input from application security perspective.

Primary Responsibilities

  • Engage technology teams, security architects, solution architects, enterprise architects and application architects to identify and understand significant application security architectures used at the bank
  • Lead the technology architectural strategy development for GIS Application Security domain.
  • Lead the development and annual refresh of GIS application security blueprint and capability model updates.
  • Manage and update an enterprise library of application security defect remediation guidance
  • Contribute to security risk assessment and study for the emerging technologies.
  • Pro-actively engage stakeholders, including development managers, developers, architects, and governance bodies in the Bank to achieve security objectives
  • Regularly interact with senior technology and business management, requiring the ability to explain complex technical matters in a way both technical and non-technical personnel can understand
  • Manage business partner relationships to deliver a seamless and responsive workflow
  • Align with information security architects to understand the trajectory of evolving information security control technologies and processes

Required Skills

  • 10 -15 years of progressive experience in application security and / or software development, at least 2 years of experience in application security
  • Knowledge of one or more enterprise application platforms and secure development in the same
  • Knowledge of relevant standards, including IETF (e.g., HTTP, TLS, and networking), W3 (e.g., HTML, JavaScript, DOM) as well as platform-specific standards
  • Exposure to application security testing techniques
  • Able to read and write software in at least one programming language such as C, C++, .Net, Java, Python
  • Comprehensive understanding of at least one application security life cycle, up to and including operations, maintenance and decommissioning
  • Knowledge of at least one application security testing methodology / approach, including formal methods, system level security, SAST / DAST, threat modeling, ethical hacking and crowd-sourcing
  • Experience with business planning, governance and management of application development or application security functions at a systemically important financial institution
  • Ability to document and summarize the solutions and guidelines around application security and associated topics

Desired Skills:

  • Bachelor’s degree or higher in CS, IT, a related technical or engineering field
  • Application development or security testing experience
  • Experience working in the financial sector
  • CISSP or similar professional certification, or commensurate experience
  • Technical writing skills
  • Cyber security experience at a systemically important financial institution
  • Experience working at a bank, credit union, money services business, or similar
  • Experience with online collaboration tools and technologies such as SharePoint, Slack, HipChat, video conferencing
  • Experience with source control, agile development, bug tracking, build automation, and change control platforms
  • Experience with dynamic application security defensive technology, such as WAF, RASP, and compiler security mechanisms and language-theoretic security
  • Knowledge of NIST 800 series, FIPS standards, ISO 27000 series, CSA and related standards

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

1st shift (United States of America)