Application Security Architect – London/Remote

Atrium UK are looking for an accomplished Application Security Architect to work closely with all levels of engineering and solution architecture teams to produce technical requirements and ensure solutions work together and fulfil business needs. This is a remote role with occasional visits to the London office. You must be based within the UK and be able to travel to the London Office when needed.

Responsibilities:

• Investigate and resolve complex and high-priority incidents.
• Communicate to senior management on risk management concepts, as well as specific project risks and risk mitigation options/scenarios.
• Manage a portfolio of applications and projects from inception to completion, ensuring the correct security controls are put in place.
• Maintain a deep understanding of the business, our patients and healthcare-delivery models.
• Ensure Information Security policies and procedures are up to date, relevant and adhered to, including security and technical standards.
• Perform vulnerability testing, risk analysis, and security architecture assessments.
• Relate well to constraints experienced by business partners and find practical, win-win solutions.
• Analyse customer needs; ensure solutions meet business and security requirements.
• Hold self and others accountable for meeting customer needs and expectations in a timely, professional manner.
• Maintain high personal accountability; take ownership of issues, develop effective remediation approaches, and drive for results.
• Employ business acumen to develop appropriate solutions and solve problems - understand business risks and business objectives.
• Translate business needs into information security requirements.
• Communicate technical security risks in a manner that resonates with business leaders.
• Establish and manage to a planned set of related activities with a focus on hitting deadlines.
• Stay up to date with industry trends, best practices and regulatory standards that may impact product implementations.

Essential:

• Extensive experience of Application security architecture.
• Experience working in large and highly regulated organizations and agile environments.
• Experience with practical interpretation and application of policy and standards.
• Subject matter expert knowledge of the technology aspects of security.
• Experience with implementation of Security within development pipelines and DevOps with a good understanding of customer centric design principles and software development.
• Experience with GDPR, HIPAA & PCI frameworks.
• Technical security certification like CISSP, CCSP, CEH, Microsoft Azure or AWS or equivalent.
• Thorough understanding of Development and Architecture roles such as DevOps, SRE, Solution/Technical Architect and Senior Developer.
• Working knowledge of secure development practices and standards such as OWASP and MITRE especially on cloud providers.
• Excellent written and verbal communication skills with Stakeholder management and interpersonal skills at both a technical and non-technical level as well as at various levels of seniority.
• Identifying the need for new, or changes to existing, security patterns for UI, API, and microservices.
• Threat Modelling and dynamic security testing experience, to identify any security risks before live deployment.
• Development experience in .NET and/or Java. Experience with scripting (e.g. python, PowerShell, bash). Experience of web application and API development (Typescript, React, HTTP, PHP).
• Demonstrable Understanding of cryptography concepts.
• Business analysis experience such as requirements gathering and modelling use cases and scenarios.
• Knowledge of information security concepts and technologies such as IDS, email gateways and desktop security products, SIEM and SOAR platforms, web application firewalls and vulnerability management tools.

Click Apply now to be considered for the Application Security Architect role.