What are the responsibilities and job description for the Application Security Architect position at The Custom Group of Companies?
Responsibilities:
- Perform Application Security scans (e.g. DAST and SCA) on applications and APIs to identify security vulnerabilities and weaknesses.
- Triage security findings and collaborate with development teams to prioritize and remediate identified vulnerabilities.
- Drive threat modelling as a standard part of the SDLC, and develop and maintain threat models for critical applications, identifying potential security risks and proposing mitigations.
- Drive the Security Champions program, and define and promote secure coding practices, patterns, and standards across development teams.
- Conduct security reviews and provide guidance on security requirements for new features and projects.
- Assist in the analysis, selection and rollout of new application security tools, processes, and standards.
- Stay up to date with the latest security threats, vulnerabilities, and industry best practices.
- Proven experience in application security with a focus on application security testing and vulnerability management.
- Hands-on experience with Application Security tools.
- Strong understanding of common application vulnerabilities (e.g., OWASP Top 10) and mitigation techniques.
- Experience with threat modelling methodologies and tools.
- Proficiency in at least one programming language (e.g., Java, Python, JavaScript).
- Excellent communication and collaboration skills, with the ability to work effectively in cross-functional teams.
- Strong understanding of risk management.
- Degree in technology discipline (Computer Science, Information Management, Computer Engineering, Cybersecurity or equivalent).
- Relevant security certifications (e.g., CISSP, CEH, CSSLP) or equivalent is preferred.