Accessibility Links

Software Security Architect

  • Location: Any US, Remote
  • Salary: Competitive
  • Job type: Contract/Temp, Permanent
  • Job reference: JF/167602
  • Sector: Cyber Security / Resilience
Job Description

Software Security Architect – Cybersecurity, Engineering, Risk, Emulation, Permanent/Contract, Banking, ANY USA / Remote

 

Emulation / Disassembly / Symbolic analysis / Analysis of Binary Software Artifacts

 

Our leading nationwide banking client is requiring a Software Security Architect to use empirical methods to ascertain the technical presentation of software to the banks systems, and interpret the technical attributes uncovered in context of business and technology requirements. The lead uses deep technology skills including emulation, disassembly, symbolic analysis, symbols analysis to understand technology risks associated to software, and knows when and whether to use these techniques within the context of the bank’s contractual, legal and professional obligations. Crucially, the lead is able to articulate to technology leaders and senior management what we know (knowns), what we don’t know (known unknowns), and what we don’t know we don’t know (unknown unknowns).

 

Main responsibilities;

  • Investigate binary software to ascertain answers to business and technology security questions
  • Research, understand and adhere to applicable intellectual property and contract requirements
  • Where permissible and prudent, engage in disassembly and analysis of binary software artifacts
  • Identify enterprise risks, including risks of known unknowns and unknown unknowns, related to binary software
  • Subject matter expertise in application security of one or more major enterprise application platforms used by bank, incl. but not limited to Java / J2EE, .Net, Mobile (iOS and / or Android), Big Data, Python, Mainframe
  • Apply and interpret application security objectives in context of designated platforms
  • Identify, champion, and supervise the implementation of defensive controls, methods and processes within Bank applications

 

Requirements;

  • Expert knowledge of one or more binary software analysis tools and techniques, including topics in disassembly, emulation, and reverse engineering
  • Familiarity with broad concepts in intellectual property
  • Knowledge of relevant standards, including IETF (e.g., HTTP, TLS, and networking), W3 (e.g., HTML, Javascript, DOM) as well as platform-specific standards
  • Exposure to application security testing techniques
  • Able to read and write software in at least one programming languages such as C, C++, .Net, Java, Python
  • Experience with dynamic application security defensive technology, such as WAF, RASP, and compiler security mechanisms and language-theoretic security
  • Knowledge of NIST 800 series, FIPS standards, ISO 27000 series, CSA and related standards

 

Successful candidates will have the ability to work autonomously and be able to bridge the gap between deep technical knowledge and Software security initiatives across the firm in order to influence business development and information security protocols across the company. If you are interested in the opportunity please respond via this advertisement or email Jordan Fitzpatrick on jtf@barclaysimpson.com.

 

 


Similar jobs
Information Security Officer
  • Location New York City
  • Salary Competitive
  • Job type Permanent
  • Sector Cyber Security / Resilience
  • Description Information Security Officer – Risk Management, Policy, Governance, Banking, Perm, New York Our leading banking client is requiring an Information Security Officer to manage
IT & Operations Risk VP
  • Location New York City
  • Salary Competitive
  • Job type Permanent
  • Sector Risk, Cyber Security / Resilience
  • Description IT & Operations Risk VP – Assessment, Information Security, Risk, Banking, Perm, New York Our leading banking client is requiring an IT & Operations Risk Analyst to define key risk
Security Engineer (Process & Controls)
  • Location New York City
  • Salary Competitive
  • Job type Permanent
  • Sector Cyber Security / Resilience
  • Description Security Process Engineer – Controls, Threat, Assessment, IAM, Financial Services, Perm, New York Our leading financial services client is requiring a security process engineer to deliver new and
Cloud Security Lead Engineer
  • Location New York / Toronto
  • Salary Competitive
  • Job type Permanent
  • Sector Cyber Security / Resilience
  • Description Cloud Security Lead Engineer – Information Security, SecDevOps, Cloud, Code, Automate, Banking, Perm, New York / Toronto   Our leading banking client is requiring a Cloud Security Lead Engineer
Related news