Overview

EPAM is looking for an Application Security Architect to join the Security practice to work directly with our biggest enterprise customers.

Responsibilities

  • Lead and coordinate Security Audits across the software development lifecycle: from Architecture, Process, Risk to Testing
  • Establish secure software development lifecycle (SSDLC) programs
  • Support software development teams in secure development methodologies, tools, and processes
  • Train Software Development teams in the areas of secure development
  • Building Secure Architecture and Design for the projects
  • Communicate with customers and teams, be able to convey the message about importance of Secure Software development Life Cycle, the ways of establishing it
  • Cooperate with all sub-teams: BAs, Developers, Qas; build consistent understanding of Security Requirements, main Threats, Mitigations implemented
  • Be able to communicate and coordinate work with other Security Teams – Cloud Security Engineers, Infrastructure Security Engineers or Penetration Testers

Requirements

  • Software Development or Security-focused university degree OR equivalent experience
  • Motivation to develop and grow in the field of Security
  • Familiarity in one or more Security Development methodologies (e.g. Microsoft SDL, OWASP OpenSAMM, BSIMM, etc.)
  • Familiarity with Threat Modeling, hands-on experience with one or more Threat Modeling Tools
  • Understanding of main Security-related activities in development such as Security Requirements gathering, Risk Assessment, Security Code Review
  • Familiarity with of security threat, their implementation and their classification
  • Understanding of main security concepts and principles
  • Understanding of main areas of protection and levels of defense

Nice to have

  • Familiarity with the one or more cybersecurity tools in the following categories: Static Code Analysis, Penetration Testing, Intrusion Detection/ Prevention
  • Knowledge of Security Features and Mechanisms provided by at least one OS and development platform/technologies
  • Understanding of mitigation mechanisms for every type of threats
  • Familiarity with existing security standards and regulations experience of requirements implementation
  • Understanding of basic principles of infrastructure security and penetration testing
  • Experience with cloud security controls and policies
  • Relevant certifications such as CISSP, CCSP, SANS GIAC or similar qualifications are a considered an advantage
  • Experience with Cloud Security

Hungary

  • Dynamic, entrepreneurial corporate environment
  • Diverse multicultural, multi-functional, and multilingual work environment
  • Opportunities for personal and career growth in a progressive industry
  • Global scope, international projects
  • Widespread training and development opportunities
  • Unlimited access to LinkedIn learning solutions
  • Competitive salary and various benefits
  • Advanced wellbeing and CSR programs, recreation area

[epamgdo] Hungary (About EPAM)

EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.

[epamgdo] Hungary (Campus Programs)

Do you know someone interested in starting a career in IT? Share our EPAM Campus programs with them, where they can enhance their knowledge in various fields online, free of charge.