Senior Cyber Security Engineer/Architect | Financial Services
Location: Bay Area
Salary: $150,000 - $180,000 base + bonus
Glocomms are partnered with one of the worlds largest Financial Services firms in the search for a Senior Cyber Security Engineer/Architect with a strong background in Application Security and coding experience to join a team focusing on product security and architecture. We are searching for the right candidate who has experience in the full application development life-cycle from design through to production. You must have strong Threat Modelling experience and be able to drive the process from end-to-end.
Please see responsibilities below:
- Passionately drive Security Architecture as well as Design (including implementation and optimization) for Web, Native backend and API applications across the business.
- Conduct analysis of risks and threats from the initial design stage of the application development life-cycle in-line with Engineering, Security, Architecture and IT standards.
- Manage thorough security and design reviews and conduct detailed threat modelling activities through out the entire application development life cycle.
- Further develop security to protect applications from threats and attackers across platforms such as:
- Cloud (AWS & Azure)
- Web Technologies (SOAP, HTTP, REST, AJAX)
- Web Access Management solutions (Siteminder, Forgerock, and various in-house custom Security Frameworks)
- Programming languages (Java, JavaScript, C, GoLang, C++)
- Databases (Couchbase, MySQL, SQL, Cassandra)
- Engage in Red Teaming/Table-Top exercises including Threat Emulation and Attack Simulation in order to eradicate vulnerabilities.
- Automate security processes and tools for Access Control, Security Transformation, Security Coding Practices and security-in-depth for both Web and Native application.
- Ensure all security is compliant and certified in standards such as PCI, NIST, HIPPA, FFIEC etc.
- Spearhead multiple projects by providing direction and oversight for the progress of large-scale programs which will have momentous impact to the wider enterprise and its success.
Please see required qualifications below:
- Higher education with 4+ years of hands-on/commercial experience.
- Experience with the full application development life-cycle from end-to-end.
- Strong experience designing security controls for web applications (ideally within the Financial Services space).
- In-depth technical experience working with security technologies such as Event Correlation, Intrusion Detection/Prevention, Policy Enforcement, Patch Management, Firewall, Anti-virus, Audit, Secure Application Development, Usage Monitoring, etc.
- Background/experience within the Software Development space (Java, C, C++, Swift).
- Expertise in backend services such as IAM, API Gateway, Data Protection/DLP, SIEM.
- Have in-depth knowledge and experience with current regulatory, legal, and compliance standard requirements with regards to transaction processing (PCI, SOX, HIPPA, GLB).
- Deep knowledge of familiar web attacks as mitigation such as SANS and OWASP.
- Experience working with Cloud based services on a large-scale (Saas, IaaS, PaaS) as well as understanding the challenged faced when deploying Cloud Applications.
This is a challenging and exciting opportunity for a well-versed Senior Cyber Security Engineer/Architect to join a world-leading Financial Services firm and have a huge impact to the security, and progress of this organization. If you are a strong fit for this position, please apply and Akash Solankee from the Glocomms Cyber Security Team will reach out to you directly.