Security Architect and Source Code Review
J Safra Sarasin
5 days ago

Function / Position

Objectives

As security architect you are responsible for designing, building, testing and implementing security systems within the Bank on site and in the cloud.

On top of that main responsibility, you will be assigned the source code review of a major ongoing digitalization project.

Responsibilities

  • Reviewing current system security measures and recommending and implementing enhancements
  • Conducting regular system security reviews of existing IT systems
  • Planning, researching and designing security architectures
  • Design, build and implement enterprise-class security systems for a production environment
  • Align standards, frameworks and security with overall business and technology strategy
  • Maintain security framework architecture documentation
  • Deliver secure code review assessments covering, at minimum, the following languages and frameworks: React-Native, ReactJS, .NET Core 3.1 (C#), JavaScript

Profiles

  • Master's degree in Information Technology, Computer Science or a related field is highly desirable.
  • 10+ years of experience in enterprise information security architecture and IT risk management with a focus on security, performance and reliability;
  • 4+ years of experience in application security including secure code review, web application penetration testing or threat modelling;
  • 2+ years of experience in secure code review / static application security testing (SAST)
  • Excellent knowledge of cloud computing technologies and of enterprise-class security architecture
  • Strong background in cyber offensive security and cyber threat modeling; Good working knowledge of current IT risks and experience implementing security solutions
  • Ability to interact with a broad cross-section of personnel to explain and enforce security measures; Excellent and effective written and verbal communication skills to properly articulate complicated cloud reports to management and other IT development partners;
  • Excellent business acumen

  • Detailed understanding of the OWASP Top 10 and CWE Top 25 issues, with a focus on the ability to identify and remediate vulnerabilities in source code;
  • Ability to explain the risk and business impact of security vulnerabilities in source code to a variety of audiences

  • Hands-on experience conducting security-focused static analysis using commercial SAST tools such as Checkmarx, AppScan Source, Veracode, Coverity, Fortify and SonarQube

Activity rate: 100 %
