*We are unable to sponsor as this is a permanent full time role*

A prestigious fortune 500 company is on the search for a Security Architecture & Application Security Director. This director will manage over security architecture and application security. They will need to have experience with cloud security such as AWS, GCP, and Azure. This director will need experience with application security such as Microservices, Multi-Tier web and Client Server. Also needed is experience with at least one industry standard InfoSec control frameworks such as ISO 27001/27002, NIST, and CIS

Responsibilities:

• Provide InfoSec domain expert (SME) support to LOBs and associated Project Teams
• Collaborate with Project and Technical Teams to identify ISA involvement and associated level of effort (LOE) required to support project and core initiatives
• Develop and execute secure software development strategy for the enterprise, including policies, standards, and governance
• Develop communications program for application threats and external and internal security events
• Improve and expand application security risk posture and processes across the enterprise
• Actively participate under the direction of the CISO to support current and future business models, strategies, and processes
• Lead, track, and assign security architecture resources
• Manage a team responsible for conducting static code analysis, threat modelling and developer training program
• Manage and design automation to integrate Application Security into various CI/CD across the enterprise

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, related field or equivalent work experience
• Minimum of 10-12 years of Information Security experience
• Have a detailed understanding of at least one of the industry standard InfoSec control frameworks such as ISO 27001/27002, NIST, and CIS
• Experience with software assurance best practices and solutions
• Experience leading large technical teams
• Industry certification (CISSP, CISM, CEH) preferred
• Cloud Certifications (AWS, GCP, or Azure) preferred
• Understand the concepts and applications of the following architecture and design principles and practices:
• Cloud security (IaaS, PaaS, and SaaS) across multiple cloud platforms such as Azure, AWS, and Google.
• Network security and segmentation
• Data security
• Application security (Microservices, Multi-Tier Web and Client Server)
• End-Point Security (desktops, laptops, Servers, etc.)
• Mobile device security (smartphones, tablets, iPads, etc.), to include Bring Your Own Devices