Overview

EPAM is looking for an Application Security Architect to join the Security practice to work directly with our biggest enterprise customers.

Responsibilities

  • Lead and coordinate Security Audits across the software development lifecycle: from Architecture, Process, Risk to Testing
  • Establish secure software development lifecycle (SSDLC) programs
  • Support software development teams in secure development methodologies, tools, and processes
  • Train Software Development teams in the areas of secure development
  • Building Secure Architecture and Design for the projects
  • Communicate with customers and teams, be able to convey the message about importance of Secure Software development Life Cycle, the ways of establishing it
  • Cooperate with all sub-teams: BAs, Developers, Qas; build consistent understanding of Security Requirements, main Threats, Mitigations implemented
  • Be able to communicate and coordinate work with other Security Teams – Cloud Security Engineers, Infrastructure Security Engineers or Penetration Testers

Requirements

  • Software Development or Security-focused university degree OR equivalent experience
  • Motivation to develop and grow in the field of Security
  • Familiarity in one or more Security Development methodologies (e.g. Microsoft SDL, OWASP OpenSAMM, BSIMM, etc.)
  • Familiarity with Threat Modeling, hands-on experience with one or more Threat Modeling Tools
  • Understanding of main Security-related activities in development such as Security Requirements gathering, Risk Assessment, Security Code Review
  • Familiarity with of security threat, their implementation and their classification
  • Understanding of main security concepts and principles
  • Understanding of main areas of protection and levels of defense

Nice to have

  • Knowledge of cybersecurity tools within categories such as Static Code Analysis, Penetration Testing, and Intrusion Detection/Prevention
  • Understanding of Security Features and Mechanisms within one or more OS or development platforms/technologies
  • Skills in implementing mitigation mechanisms for different types of threats
  • Competency in working with established security standards and regulations and implementing their requirements
  • Familiarity with foundational principles of infrastructure security and penetration testing
  • Expertise in cloud security controls and policies
  • Relevant certifications like CISSP, CCSP, SANS GIAC or similar qualifications are beneficial
  • Background in Cloud Security

Croatia

    We believe that the greatest strength of the company is its people. EPAM is fully committed to help its employees to reach their full potential and achieve their professional goals through continues learning. With this in mind, we would like to introduce to you few of the many opportunities and services which we believe will help you expand your current knowledge:
  • Career development opportunities with a transparent career path
  • Wide range of professional trainings, workshops, and mentoring programs plus unlimited access to LinkedIn Learning
  • Learning resources and financial support for completing certification programs
  • Christmas and Vacation bonus
  • Corporate Health Insurance (basic and supplementary)
  • Free yearly medical check-ups
  • 25 days of vacation

[epamgdo] Croatia (About EPAM)

EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.

[epamgdo] Croatia (Recruitment Process)

Thank you for your interest in this position. Please note that only candidates whose experience closely matches the job requirements will be contacted. If you do not receive an email from us, please do not be discouraged—feel free to apply for other positions that better align with your experience. If you have any questions, you can reach us at jobscroatia@epam.com.