Application Security Architect

As a Product Security Architect, you would be a key enabler of secure and compliant products. You should have knowledge of attack paths across our diverse technology stack, including tactics, techniques and procedures (TTPs) used by adversaries to exploit vulnerabilities. You will be a trusted advisor throughout the product development lifecycle, incorporating knowledge of emerging threats, business goals and system design to improve the overall product and platform security posture. You will be responsible for aligning the security strategy, design and controls, to product roadmap.

The role (What you will DO and the IMPACT you will have)

• Work closely with all levels of engineering and solution architecture to produce technical requirement and ensure solutions work together and fulfil business needs.

• Instilling quality in the teams by adhering to outcomes and results focused delivery of tasks.

• Working and adapting your plan as required to meet business need.

• Manage a portfolio of applications and projects from inception to completion, ensuring the correct security controls are put in place.

• Perform vulnerability testing, risk analyses, and security architecture assessments

• Stay up to date with industry trends, best practices and regulatory standards that may impact product implementations

• Recommend security enhancements and service improvement to help drive effective detection, containment and eradication of security risks.

• Investigate and resolve complex and high-priority incidents.

• Ensure Information Security policies and procedures are up to date, relevant and adhered to, including security and technical standards.

• Create and maintain documentation related to current and future security controls and service.

• Help with the production and design of standards for security solutions to meet business security needs.

• Respond to ad-hoc requests for platform security related guidance

• 5+ years relevant work experience

• Experience with working in an agile environment.

• Experience with implementation of Security concerns within in development pipelines and Dev Ops with a good understanding of customer centric design principles and software development.

• Thorough understanding of Development and Architecture roles such as DevOps, SRE, Solution/Technical Architect and Senior Developer

• Excellent written and verbal communication skills with Stakeholder management and interpersonal skills at both a technical and non-technical level as well as at different levels of seniority.

• Ability to manage conflicting priorities and multiple tasks

• Proven ability to work and effectively prioritise in a dynamic, collaborative, and decentralised work environment

• Knowledge of compliance standards like CIS, NIST in conjunction with PCI-DSS and GDPR.

• With working knowledge of secure development practices and standards such as OWASP and MITRE especially on cloud providers

• Identifying the need for new, or changes to existing, security patterns for UI, API and micro services.

• Threat Modelling and dynamic security testing experience, to identify any security risks before live deployment

• Development experience in .Net and/or Java. Experience with scripting (e.g. python, PowerShell, bash). Experience of web application and API development (Typescript, React, HTTP, PHP).

• Hands on Azure/AWS security configuration and scripting skills

• Demonstrable experience and execution of security automation, and configuration of Azure/AWS cloud native tools to maximise their effectiveness

• Demonstrable Understanding of cryptography concepts.

• Microsoft Azure or AWS certifications or relevant experience

• Business analysis experience such as requirements gathering and modelling use cases and scenarios

• Knowledge of information security concepts and technologies such as IDS, email gateways and desktop security products, SIEM and SOAR platforms, web application firewalls and vulnerability management tools.

• Proven experience of team management and operating in matrix structures

• Competitive salary and benefits package

• Culture focused on talent development with quarterly promotion cycles and company-sponsored higher education and certifications

• Opportunity to work with cutting-edge technologies

• Employee engagement initiatives such as project parties, flexible work hours, and Long Service awards

• Annual health check-ups

• Insurance coverage: group term life, personal accident, and Mediclaim hospitalization for self, spouse, two children, and parents

Persistent is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind.