Job Details

Cyber Security Architect - Engineer Senior

Advertiser
Apex Systems
Location
Farmington, Michigan, United States
Rate
-
Objectives of the position
Providing a secure and trustworthy customer journey is one of our most important objectives. In order to expand our cybersecurity capabilities, Daimler Financial Services (DFS) is seeking an Architecture Security Specialist to execute the global AE strategy consistently across the region. The Application Security Specialist will report directly to the DFS Architecture and Engineering Lead.
The main objective for the Architecture Security Specialist is to deploy and operate application security capabilities, solutions and requirements, and Secure Profiling Services to DFS Critical applications. This includes code reviews and application focused attack and penetrating testing to support the identification and remediation of application-level vulnerabilities to meet DFS' risk management needs and business requirements.

Description of tasks
Key task Time (in %)
Application Security: Deploy and operate application security capabilities, solutions and requirements consistently across the region.
Systemically identify and document application level vulnerabilities
Communicate identified vulnerabilities and recommended mitigation strategies
Coordinate with the markets and monitor remediation activities.
Provide guidance and recommendations for remediating application vulnerabilities
Track and report on remediation status.
Facilitate and deliver targeted application security training.
Secure Profiling Service:
Identify and document threats using STRIDE and other DFS techniques for critical applications
Provide recommendation for the identified threats
Coordinate and Maintain the list of remediation activities

Bachelor's or Master's degree in Computer Science, Information Systems, Engineering, Information Security, Cybersecurity or a related field is required.
Experience
Minimum 10 years of relevant work experience in cybersecurity architecture and engineering.
Experience with a wide variety of Threat Modelling tools and other tools to include:
o Microsoft Threat Modelling Tool
o RedSeal
o CheckMarx
o Fortify
o Burp Suite
o ThreatModeler
o IriusRisk
o securiCAD
Experience in developing and implementing countermeasures to identified application security risks.
Experience interacting with development teams to articulate security requirements and processes while collaborating on architecture and engineering design options, implementation, testing and user acceptance.
Experienced in Threat Modelling including creation of Data Flow Diagrams
Experience identifying, evaluating and managing risk in a complex and changing environment.
Requirements/Knowledge
Must have knowledge on interpreting architectural blueprints for Datacenter and Cloud (IaaS, PaaS, SaaS etc.).
Experienced in Threat Modelling including creation of Data Flow Diagrams
Advanced ability to identify security vulnerabilities form source code reviews and application & Infrastructure testing.
Highly proficient in the configuration and deployment of applications in complex environments.
Working knowledge of NIST, Open Web Application Security Project (OWASP) and Open Source Security Testing Methodology Manual (OSSTMM).
Solid ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
At least one of the following certifications is required: CISSP, CSSLP, or ISSAP.

EEO Employer

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at or - provided by Dice

Send application

Mail this job to me so I can apply later

Apply With CV

You are not logged in. If you have an account, log in to your account. If you do not have an account, why not sign up? It only takes a minute!

latest videos

Upcoming Events