Finsearch recruitment are currently seeking a DevSecOps Architect on behalf of a Global Financial Services giant based in the West of Ireland. On site headcount is over 1500, this is an excellent opportunity to work with senior Global management, interacting with blue chip clients.
The Security Architect is a key technical leadership role within the DevSecOps function. Responsible for implementing secure modern business solutions supporting Cloud, Mobile, Social, Integration, and Data solutions. The individual will participate as a technical expert for supporting secure applications throughout the software development life cycle. The specific responsibilities will vary from project to project, providing excitement and variety, but also requiring flexibility and adaptability to learn as well as acquire new skills in support of leading edge technologies.
The candidate will work closely with the Information Security Office, Enterprise Architecture team, Business Architects, Data Architects, and delivery team members across the organization to leverage their expertise and ensure project solutions are in alignment with overall business and technology
Responsibilities to include:
Provides the architectural leadership in shaping strategic, application security technology programs for the Application Security Team under ISO organisation
Participates in the plan and design of security systems by evaluating and applying application security frameworks and technologies. Develop and implement the security requirements and standards for the SDLC
Experience with multiple Application Security Tools (SAST, DAST, IAST, MAST) and the integration into the SDLC via CI Automation and Integration
Assists in determining security requirements by evaluating business strategies and requirements; researches information security standards; conducts system security and vulnerability analyses and risk assessments; studies application architecture/platform; identifies integration issues.
Experience with modern application packaging, deployment, containerization, bug tracking tools and other supporting tools (Jenkins, Maven, Docker, Kubernetes, Jira, etc.
Experience with modern source code management and software repository systems (Git/GitHub, Bitbucket, VSTS etc.)
Experience with securing applications specifically for AWS or Azure Cloud hosting environments
Verifies application code security by monitoring and ensuring compliance to standards, policies, and procedures. Conducts incident response analyses; develops and conducts training programs.
Updates job knowledge by tracking and understanding emerging security practices and standards; participates in educational opportunities; reads professional publications. Maintains personal networks and participates in professional organizations. Enhances department and organization reputation by accepting ownership for accomplishing new and different requests; explores opportunities to add value to job accomplishments. Communicates complicated technical concepts effectively to a broad group of stakeholders.
Establishes relationships with IT leaders and Department Heads, architects, and technical specialists. Utilizes a general understanding of the competitive landscape and corporate and business unit strategies to provide context for security architectural decision making
Experience implementing vulnerability remediation. Maintain domain architecture and roadmaps and its alignment with technology roadmap.
Enhances security team accomplishments and competence by planning delivery of solutions; conduct Security Architecture Review process; answering technical and procedural questions for less experienced team members; teaches improved processes.
Job Qualifications & experience required
The ability to work independently as well as perform as part of a team
Excellent communication, time management and organizational skills
A motivated, enthusiastic and flexible approach to work in an everchanging environment
Can demonstrate strong performance ethos and deliver outstanding customer service
Ability to interface with both technical and non-technical application owners to discuss their vulnerabilities
Must be a key player within the team enhancing the skillset of all team member
Ideally you'll have experience with:
Should be educated to degree level in Computer Science, Information Security or equivalent.
Industry-accepted certifications (Architecture and Security Focused), or a willingness to acquire
Circa10-15 years’ experience working in building solutions and applications across multiple technology area
Circa 5 years’ experience in application security.