Accessibility Links

Software Security Architect

  • Location: Any US, Remote
  • Salary: Competitive
  • Job type: Contract/Temp, Permanent
  • Job reference: JF/167602
  • Sector: Cyber Security / Resilience
Job Description

Software Security Architect – Cybersecurity, Engineering, Risk, Emulation, Permanent/Contract, Banking, ANY USA / Remote

 

Emulation / Disassembly / Symbolic analysis / Analysis of Binary Software Artifacts

 

Our leading nationwide banking client is requiring a Software Security Architect to use empirical methods to ascertain the technical presentation of software to the banks systems, and interpret the technical attributes uncovered in context of business and technology requirements. The lead uses deep technology skills including emulation, disassembly, symbolic analysis, symbols analysis to understand technology risks associated to software, and knows when and whether to use these techniques within the context of the bank’s contractual, legal and professional obligations. Crucially, the lead is able to articulate to technology leaders and senior management what we know (knowns), what we don’t know (known unknowns), and what we don’t know we don’t know (unknown unknowns).

 

Main responsibilities;

  • Investigate binary software to ascertain answers to business and technology security questions
  • Research, understand and adhere to applicable intellectual property and contract requirements
  • Where permissible and prudent, engage in disassembly and analysis of binary software artifacts
  • Identify enterprise risks, including risks of known unknowns and unknown unknowns, related to binary software
  • Subject matter expertise in application security of one or more major enterprise application platforms used by bank, incl. but not limited to Java / J2EE, .Net, Mobile (iOS and / or Android), Big Data, Python, Mainframe
  • Apply and interpret application security objectives in context of designated platforms
  • Identify, champion, and supervise the implementation of defensive controls, methods and processes within Bank applications

 

Requirements;

  • Expert knowledge of one or more binary software analysis tools and techniques, including topics in disassembly, emulation, and reverse engineering
  • Familiarity with broad concepts in intellectual property
  • Knowledge of relevant standards, including IETF (e.g., HTTP, TLS, and networking), W3 (e.g., HTML, Javascript, DOM) as well as platform-specific standards
  • Exposure to application security testing techniques
  • Able to read and write software in at least one programming languages such as C, C++, .Net, Java, Python
  • Experience with dynamic application security defensive technology, such as WAF, RASP, and compiler security mechanisms and language-theoretic security
  • Knowledge of NIST 800 series, FIPS standards, ISO 27000 series, CSA and related standards

 

Successful candidates will have the ability to work autonomously and be able to bridge the gap between deep technical knowledge and Software security initiatives across the firm in order to influence business development and information security protocols across the company. If you are interested in the opportunity please respond via this advertisement or email Jordan Fitzpatrick on jtf@barclaysimpson.com.

 

 


Similar jobs
Operational Risk VP, Security and Technology
  • Location New York City
  • Salary Competitive
  • Job type Permanent
  • Sector Cyber Security / Resilience
  • Description Operational Risk VP, Security and Technology – Risk Management, Information Technology, Cyber Security, Banking, Perm, New York Our leading banking client is requiring an Operational Risk VP to
Head of Technology & Information Security Risk
  • Location New York City
  • Salary Competitive
  • Job type Permanent
  • Sector Cyber Security / Resilience
  • Description Head of Technology & Information Security Risk– Information Security, Risk Management, Assessment, Banking, Perm, New York Our leading banking client is requiring a Head of Technology &
Infrastructure Security Architect
  • Location New York City
  • Salary Competitive
  • Job type Permanent
  • Sector Cyber Security / Resilience
  • Description Infrastructure Security Architect – Design, Automation, Information Security, Fund, Perm, New York Our leading Fund client is requiring an Infrastructure Security Architect
Cloud Security Architect
  • Location New York City
  • Salary Competitive
  • Job type Permanent
  • Sector Cyber Security / Resilience
  • Description Cloud Security Architect – AWS, Engineer, Risk, Threat Model, Fund, Perm, New York Our leading Fund client is requiring a Cloud Security Architect to design, develop
Related news