Objective of the Position :
- As a Cyber Security Architect, your primary goal will be to ensure a secure and trustworthy customer journey. Join our team to enhance our cybersecurity capabilities by executing the global AE (Architecture and Engineering) strategy consistently across the region. Reporting directly to the Company's Architecture and Engineering Lead, you will play a vital role in deploying and operating application security capabilities, solutions, and requirements. Your expertise will contribute to the secure profiling of critical applications, code reviews, application-focused attack and penetration testing, and the identification and remediation of application-level vulnerabilities. By meeting The Company's risk management needs and business requirements, you will play a critical role in safeguarding our organization.
1. Application Security:
- Deploy and operate application security capabilities, solutions, and requirements consistently across the region.
- Systemically identify and document application-level vulnerabilities.
- Communicate identified vulnerabilities and recommended mitigation strategies.
- Coordinate with the markets and monitor remediation activities.
- Provide guidance and recommendations for remediating application vulnerabilities.
- Track and report on the status of remediation efforts.
- Facilitate and deliver targeted application security training.
- Identify and document threats using STRIDE and other Company techniques for critical applications.
- Provide recommendations for the identified threats.
- Coordinate and maintain the list of remediation activities.
Qualifications and Skills :
- Relevant certifications such as CISSP, CISM, or CEH are required.
- Proven experience in application security, architecture, and engineering.
- Strong understanding of code review methodologies and application-level vulnerabilities.
- Proficiency in conducting application-focused attack and penetration testing.
- Knowledge of risk management frameworks, regulatory requirements, and industry best practices.
- Excellent communication skills with the ability to effectively convey complex security concepts to technical and non-technical stakeholders.
- Strong analytical and problem-solving abilities.
- Minimum 4 years of relevant work experience in cybersecurity architecture and engineering.
- Experience with a wide variety of Threat Modelling tools and other tools to include:
- Microsoft Threat Modelling Tool
- Burp Suite
- ThreatModeler
- IriusRisk
- Experience in developing and implementing countermeasures to identified application security risks.
- Experience interacting with development teams to articulate security requirements and processes while collaborating on architecture and engineering design options, implementation, testing and user acceptance.
- Experienced in Threat Modelling including creation of Data Flow Diagrams
- Experience identifying, evaluating and managing risk in a complex and changing environment.
SGA is a Certified Women's Business Enterprise (WBE) celebrating over thirty years of service to our national client base for both permanent placement and consulting opportunities. For consulting positions, we offer a variety of benefit options including but not limited to health & dental insurance, paid vacation, timely payment via direct deposit. SGA accepts transfers of H1 sponsorship for most contracting roles. We are unable to sponsor for Right-to-Hire, Fulltime, or Government roles. All parties authorized to work in the US are encouraged to apply for all roles. Only those authorized to work for government entities will be considered for government roles. Please inquire about our referral program if you would like to submit a candidate for any of our open or future job opportunities. SGA is an EEO employer. We encourage Veterans to apply. To view all of our available job postings and/or to learn more about SGA please visit us online at .