We need an expert software architect to create a detailed architecture for a new system including component, security, infrastructure, functional, application, and dataflow architectures.

You need to have:

  • 10+ years of hands-on, in-depth experience in application penetration testing in support of product development and business technology goals.
  • Experience with web and API attack and mitigation methods, security assessments and penetration testing.
  • Knowledge of open security standards such as OWASP Top 10, OWASP ASVS, SANS Top 25, CWE, NIST.
  • Security testing tools including OWASP Zed Attack Proxy, Burp Suite, Postman.
  • Knowledge of data protection impact assessments (DPIA).
  • Solid understanding of common web application technologies, languages, and frameworks.
  • In-depth knowledge of common software vulnerabilities and a strong understanding of methods to identify and remediate vulnerabilities.
  • Web application firewall (WAF).
  • SAST, DAST and IAST tools.
  • Experience in IT security projects and an understanding of the relationships among the components that make up an IT service – from end-user interfaces to servers, networks, storage, applications, and data.
  • Developing and implementing security policies and security technical standards.
  • Security assessments, including translating them into cyber risk governance and risk management systems and processes.
  • Architecture & design techniques and tools.
  • Application architecture & risk management frameworks.
  • Cyber Security standards such as: NIST 800-53, ISO 27001/27002, SOC 2.
  • Various cyber-based concepts such as Identity and Access Management, Vulnerability and Threat Management, Zero Trust Architectures, Data Loss Prevention, etc.
  • Tools and techniques to secure cloud-based workloads.
  • Experience working with clouds (AWS/Azure) is a must, as is strong knowledge of microservices and serverless.

Nice to have:

  • Previous experience in a health insurance