Great careers start here
📁
Engineering/IT/Security/Software Development
📅
190000IA Requisition #

The Application Security Architect position is responsible for driving all aspects of secure design, build, operation and assessment across our Financial Instance Issuance (FII) Managed Service Operations (MSO) and Cloud product. In this role, the candidate will ensure that EDC operations are appropriately secure and consistent with Payment Card Industry (PCI) security audit and compliance program requirements.  Entrust Datacard is seeking an individual to work closely with various teams to provide architecture leadership in a growing company with challenging compliance obligations.  The ideal candidate will be skilled in effective collaboration with the business, product management, Devops, IT, OT, and the wider security teams on a variety of projects and initiatives as a trusted security subject matter expert.


Responsibilities:

  • Support the Security Architecture; a team with responsibility for enterprise security architecture, strategy, and roadmap prioritization.
  • Architect and design security solutions that enforce security consistently across internally developed, commercial-off-the-shelf and cloud-based applications.
  • Perform security architecture reviews for consumer-off-the-shelf (COTS) and internally developed projects supporting safe and compliant production go-live.
  • Participate in design reviews with, provide design support to Development teams as needed.
  • Develop/evangelize application security policy, standards and guidelines.
  • Identify and support design architecture patterns and anti-patterns to support initiatives across the enterprise.
  • Assess varied SDLC processes and promote adoption of secure SDLC practices.
  • Develop/identify procedures to automate security tasks during code builds, testing and deployments
  • Analyze information security systems and applications, recommend and develop security measures to protect information against unauthorized modification or loss.
  • Evaluate/apply new and emerging security technologies and solutions.
  • Explain and demonstrate vulnerabilities to application developers and/or QE teams as needed; provide recommendations for mitigation issue reports on assigned application and system scans.
  • Provide interpretation and remediation of vulnerabilities across a variety of applications and platforms
  • Support remediation, providing recommendation and requirements, of vulnerabilities and design flaws
  • Lead secure integration design, emphasizing support of implementation with platforms such as Splunk, ArcSight, Threat Analytics and UEBA.
  • Work with product and platform teams to identify security controls, targeting DevSecOps automation goals
  • Practical experience with one or more of the following languages; Java, .Net, PowerShell, C, C++, Bash, Perl, JavaScript.
  • Work directly with Security Operations Center (SOC) and Technical Vulnerability Management (TVM) teams.
  • Support and conduct, as needed, penetration testing of internally developed applications.
  • Support and conduct, as needed, white box (source code) and black box (dynamic) security testing to assess and validate identified application security vulnerabilities across variety of application.
  • Respond to and, when appropriate, resolve or escalate security incidents to Entrust Datacard (EDC) security incident and forensics team.
  • Report unresolved security exposures, misuse of resources, and noncompliance situations using defined escalation processes.
  • Embrace a culture of continuous service improvement and service excellence; Provide recommendations for business and process improvement.
  • Mentors other junior team members and cross-functional team members.

 


Basic Qualifications

  • Bachelor’s Degree in Computer Science, Information Systems, or a related discipline or equivalent work  experience.
  • 5+years development and Architecture experience
  • Hands-on knowledge of identity, authentication, and authorization standards and technologies; including SAML, OAuth 2, OpenID Connect, SCIM, XACML, IDaaS, IAM/G, LDAP, RADIUS.
  • Knowledge of patterns for secure application design
  • Hands-on and design experience with most of the following application and services technologies:  AWS IaaS services, AWS PaaS services, SQL databases, REST, application servers, load balancers, NodeJS, AWS Lambda, proxies, key management systems.
  • Security architecture and detailed design skills for infrastructure components including network, security, server, storage, backup, virtualization, public cloud platforms and services.
  • Knowledge and experience with security attack patterns, threats, and vulnerabilities. Familiarity with Risk Management processes.
  • Must have unrestricted work authorization for US and Canada and ability to travel freely to the Canada, USA and internationally.
  • Industry recognized security certifications; e.g. CISSP, CISM, GIAC.
  • Ability to obtain a US Government Security Clearance.

 

Preferred Qualifications:

  • Experience with PCI frameworks (DSS, Card Production, etc.) and audit engagements.

 

 

 

 

About Entrust Datacard

 

Our growing company relies on curious, dedicated and innovative colleagues to anticipate the future and provide solutions for a more connected, mobile and secure world. Entrust Datacard technologies and expertise help government agencies, enterprises and financial institutions in more than 150 countries serve and safeguard citizens, employees and consumers. Each year, our solutions secure billions of transactions — and every day, our technologies issue and manage more than 10 million secure identities. How do we do all of this? Together.

Join us. Together we’ll create solutions for a more connected, mobile and secure life.

For more information, visit www.entrustdatacard.com. Follow us on Twitter, YouTube and LinkedIn.

 

 

Entrust Datacard Corporation is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.

 

NO AGENCIES, NO RELOCATION

 

#LI-SD

Previous Job Searches

Similar Listings

Shakopee, Minnesota, United States

📁 Engineering/IT/Security/Software Development

Requisition #: 190000FD

Shakopee, Minnesota, United States

📁 Engineering/IT/Security/Software Development

Requisition #: 190000AU

Shakopee, Minnesota, United States

📁 Engineering/IT/Security/Software Development

Requisition #: 190000CH