JerseyCityRecruiter Since 2001
the smart solution for Jersey City jobs

Application Security Architect

Company: Interpublic Group of Companies, Inc.
Location: Jersey City
Posted on: September 24, 2022

Job Description:

POSITION SUMMARY: The Application Security Architect will be responsible for reviewing applications to secure the organization s critical IT assets according to appropriate security practices and in compliance with IPG standards, policies, procedures and security architecture. Key duties will be the assessment of the security of applications commercial products and inhouse developed throughout their lifecycle, at the stages of requirements gathering, design, build, procurement and update, to ensure compliance, while enabling the business to meet the requirements of the information security technology architecture, strategy and baseline. ESSENTIAL FUNCTIONS:

  • Assist IPG s Security Engineering & Architecture function to perform application and data security reviews to confirm that applications are compliant with IPG s policies, standards and security architecture, and that the right security controls are applied to keep data secure.
  • Assist the IPG Security Engineering & Architecture function, Enterprise Architecture function, and IPG agencies to apply security controls such as multi-factor authentication, security information event management, database encryption, database monitoring and web application firewall to applications.
  • Assist IPG s Security Engineering & Architecture function, and IPG agencies to research new security technologies and their application to the corporate environment.
  • Collaborate with project teams, IPG s Security Engineering and Architecture functions, and IPG Agencies in research and design phases of solutions to ensure that information security is a fundamental quality.
  • Design implement and support application security solutions in compliance with IPG s security-related standards, policies and procedures, and security architecture, as well as with industry standards, reference architectures and implementation patterns. Follow best practices on Secure SDLC (e.g., threat modeling, integrating security considerations into the testing cycle).
  • Provide application security technical expertise to the IPG Security Engineering & Architecture function, and IPG IT and IPG agencies during the full lifecycle of security assessment, recommendation, testing, installation, rollout and operations.
  • Ensure that application security technologies are properly implemented and meet all applicable requirements. Proactively work with IPG IT and IPG agencies to ensure all security components are appropriately integrated into the overall enterprise technology. EDUCATION, SKILLS AND EXPERIENCE REQUIREMENTS:
    • Strong experience of reviewing the security of applications for alignment with security architecture, security policy, security standards and best practices.
    • Experience of reviewing and contributing to corporate security architecture frameworks, security standards and security policies.
    • Experience of web server, web application and API security and remediation. In-depth knowledge of OWASP Top-10 security risks and how to address them.
    • Experience of application risk assessment via threat modelling using STRIDE, OCTAVE, PASTA or similar framework, and of providing recommendations to mitigate threats and reduce risk.
    • Experience of using web dynamic application security testing (DAST) tools such as Burp Suite, OWASP ZAP and Checkmarx, and of providing recommendations to mitigate vulnerabilities.
    • Experience of using network security assessment tools such as NMAP and Nessus and of providing recommendations to address security weaknesses identified.
    • Experience or working knowledge of penetration testing methods, of interpretation of penetration test reports, and of recommendations to address findings.
    • Experience of data security solutions such as encryption, hashing, digital signatures, data tokenization and masking.
    • Working knowledge of multi-factor authentication and single sign-on mechanisms for applications.
    • Working knowledge of Amazon Web Services and Microsoft Azure cloud computing platforms.
    • Good general knowledge of core security networking concepts like TLS, SSH, DNS, firewalls.
    • Good general knowledge of enterprise software, containers, operating systems and server virtualization.
    • Experience of conducting product evaluations, proofs of concept, pilots and rollouts.
    • A proven ability to interface across a global organization with other teams, such as EIS Engineering and Security, Corporate Applications, Enterprise Applications, Internal Audit, agency CIOs, and agency security teams and compliance coordinators, etc.
    • An analytical demeanor and the ability to effectively communicate with individuals across all levels the organization.
    • Excellent written and verbal communications skills.
    • Ability to adjust to changing priorities while multitasking effectively.
    • Working knowledge of compliance frameworks and security management standards (e.g., ISO 27001, COBIT, NIST CSF, PCI-DSS, ).
    • Working knowledge of best practices/standards (e.g., PCI DSS, HIPAA, State data breach laws) for implementing application-level data encryption.
    • Bachelor s degree in Computer Science, Information Security and Risk Management, Information Systems, Engineering or related major.
    • CISSP, CASE, CASS, CLSSP, GIAC GWEB similar certification required.
    • Solid progressive experience working in Information Technology with at least some of that directly in Information Security.
    • Some experience in a security architect role with experience in reviewing and approving the security of applications.
    • Advertising and marketing communications industry experience preferred. BENEFITS OF JOINING IPG One of our primary goals is to support the health and well-being of you and your family. Our compensation plan includes the following benefits, in addition to many others:
      • Healthcare Options
        • Medical
        • Dental
        • Vision
        • Prescription
        • Dependent and Health Care Flexible Spending Accounts
        • 401(k) savings plan with company match
        • Flexible based Paid Time Off
        • Employee Assistance Program
        • Legal Assistance Plan
        • Tuition Reimbursement
        • Employee Stock Purchase Plan
        • Exclusive discounts on cell phones, gyms, and everyday purchases IPG is an equal opportunity employer and we value diversity, inclusion and equity at our company. We do not discriminate on any unlawful basis including race, religion, color, national origin, disability, gender, sexual orientation, age, marital status, veteran status, or any other basis prohibited by law.

Keywords: Interpublic Group of Companies, Inc., Jersey City , Application Security Architect, Other , Jersey City, New Jersey

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Log In or Create An Account

Get the latest New Jersey jobs by following @recnetNJ on Twitter!

Jersey City RSS job feeds