Application Security Architect
CGI
- Fort Lauderdale, FL
- Permanent
- Full-time
CGI is looking for an experienced Application Security Architect.This opportunity requires that candidates be on-site in our Ft. Lauderdale site in a hybrid manner, 3 days per week.Your future duties and responsibilities
Future Duties
Work independently with developers, product owners, and other colleagues to ensure secure design, development, and implementation of applications and networks
- Perform security architecture design reviews of our products (primarily cloud)
- Perform code analysis of large applications, manually and using scanning solutions as well as conducting manual vulnerability analysis
- Provide remediation guidance and recommendations to developers and administrators
- Interface with the Customer Success team to discuss and track security feature enhancement requests from our global customers
- Work with Product Development teams to help prioritize and validate urgency of mitigation of identified product vulnerabilities and security feature enhancement requests
- Define security best practices and standards and ensure Product Development teams understand them and receive pertinent annual secure coding training
Required Qualifications:
- Experience as an Application/Product Security Engineer, Architect or Developer
- A background integrating security testing into the SDLC (preferably the SCRUM framework)
- Experience providing security training to developers
- Prior work as a consultant at a highly technical information security consultancy
- Previous work as a technical security architect or related security role in a company where there is a commitment to information security and technology
- Additional programming languages such as .Net
- Experience breaking down complex systems and applications to find flaws
- Strong familiarity with common vulnerabilities and attack vectors
- Knowledge of web service technologies, load balancer services and RESTful APIs
- Knowledge of ubiquitous encryption technologies (PGP, SSH, SSL, etc.) and common authentication protocols (OpenID Connect, OAUTH, SAML, RADIUS, LDAP, KERBEROS, etc.)
- Solid understanding of secure network and system design in both cloud (Azure) and conventional environments
- The ability to communicate complicated technical issues and the risks they pose to both technical and non-technical teams
- Excellent written and verbal communication skills, interpersonal and collaborative skills
- Must be a critical thinker, with strong problem-solving skills
- High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity
- Self-starter, positive attitude, ability to work independently, enjoys learning and staying current with industry developments, regulations and best practices.
- Competitive base salaries
- Eligibility to participate in an attractive Share Purchase Plan (SPP) in which the company matches dollar-for-dollar contributions made by eligible employees, up to a maximum, for their job category
- 401(k) Plan and Profit Participation for eligible members
- Generous holidays, vacation, and sick leave plans
- Comprehensive insurance plans that include, among other benefits, medical, dental, vision, life, disability, out-of-county emergency coverage in all countries of employment;
- Back-up child care, Pet insurance, a Member Assistance Program, a 529 college savings program, a personal financial management tool, lifestyle management programs and more