Global Lead Application Security Architect - Transformation Security E-commerce - Investment Bank
Recruiter
Listed on
Location
Salary/Rate
Salary Notes
Type
Start Date
This job has now expired please search on the home page to find live IT Jobs.
Global Lead Application Security Architect - Transformation Security E-commerce - Investment Bank.
The IT Security team requires a lead Security Architect with experience of building security architecture in E-commerce. A hands on role but also with some more senior elements to it. Any transformation programme experience will be beneficial as there will be interactions with the Programme Manager with the lead security Architect expected to provide advice and input. A formal certification will be extremely beneficial and they absolutely need to have security development life cycle experience. This person will be helping to build capability in the development team, identifying gaps, making sure security is implemented as prescribed etc.
Experience of Authentication/authorisation/code security - with development experience in any language - Java or C++ or C# - who can guide the application development teams on important security topics such authentication and other source code vulnerabilities. The individual must be equipped with sufficient hands on experience so they can advise teams on security best practices, as well as potentially, for short periods, help out in the development teams.
The role will focus on shaping and defining standards and best practice for securing a heterogeneous environment of Java, .NET, and C++ application against the security standards. The IT Security Architect will have strong IT Security Authentication/authorisation/code security.
Experience of implementing single-sign-on security strategies in other enterprise environments (SAML, Siteminder)
Excellent understanding of authentication related mechanisms (Kerberos, One Time Passwords, PKI)
Excellent knowledge and practical experience of using LDAP for authorization.
Excellent knowledge and practical experience of using Windows Kerberos to secure custom service endpoints in C++, Java and C#.
Excellent knowledge of programming best practices, design patterns, etc.
Excellent problem solving skills, being able to develop approaches to complex technology and strategy problems, building consensus across diverse interest groups and working within constraints of practical delivery yet able to think beyond the requirements of immediate issues.
Well developed written communication skills with the ability to summarise key issues, conclusions and recommendations in report form
Role:
The lead Security Architect will work in conjunction with a security project manager and Assist development teams in moving to a Kerberos/SAML/LDAP security model for authentication and authorisation.
Assist in the deployment of automatic provisioning. Design best practice for LDAP integration. Develop practical (code libraries, reference implementation) guidance for security components integration. Develop practical guidance for applications.
Desirables:
Experience in BMC Control SA implementation, CA Siteminder, Fortify Source Code Analysis
Good knowledge of pre-.NET Microsoft technologies (COM+, DCOM, etc.)
Experienced in C++ development.
Experience of a wide range of communication technologies used in the financial enterprise, eg C++ Sockets, Tibco RV, Java ROI, Java WS.*, .NET WCF.
Competent in technical interviewing.
Project and/or program management experience.
Applicants must be eligible to work in the specified location
Adlam Consulting operates as an Employment Agency & an Employment Business
