Mobile Security Architect- $100000-$150000- New York

Location
New York, USA
Salary
£80710.25 - £121065.38 per annum + Benefits, Bonus, Pension
Posted
12 Jun 2019
Closes
19 Jun 2019
Ref
BBBH91717
Contact
HR Jobs
Contract Type
Permanent
Hours
Full Time

Mobile Security Architect- $100,000-$150,000- New York

Role Description

The Security Architecture (SecArch) team is part of the Technology Risk (TR) organization. The mission of the SecArch team is to provide security architecture assessments of technology systems and processes to identify business risks and recommend remedial action based on established security standards or security best practices.

The SecArch Mobile Security Architect is an internal consultant that is working on multiple security architecture and design assessments spanning multiple classes of mobile solutions and technologies.

The architect is expected to be capable of conducting a security architecture review from a general scope, while having subject matter expertise in mobile security that includes an in-depth knowledge of mobile platform risks, management controls, and application security.

This role is an opportunity to get involved in multiple business units and technologies. The architect works with global stakeholders (Technology, Business, Suppliers, Risk Officers and Partners) to perform security assessments and assist with solution design.

To be successful in this role, the candidate must have deep mobile technology subject matter expertise and broad overall technology & security experience coupled with risk management, communication, and time management skills.

Responsibilities


  • Work independently to lead SecArch deep dives with business and technology requestors
  • Conduct assessment and provide technology risk/requirements to requesting teams. Areas covered include:




    • Mobile & Web Application Security - Session Security, Vulnerability/Pen Testing items, Input Validation, Data storage/protection, application hardening, Inter-process Communication.
    • Infrastructure - Infrastructure supporting mobile applications/platforms, such as MDM.
    • Mobile development/testing tools - IDE's, emulation tools, code signing, CI, test automation.
    • Authentication, Authorization, Auditing.
    • Secure data transport and storage.



  • Prioritize risks identified in relation to business risks.
  • Propose solutions to mitigate risks identified, with specific implementation guidance.


  • Establish and communicate mobile security posture
  • Leverage existing expertise in mobile security to identify gaps in current technology environment and provide strategy for risk reduction.
  • Perform hands-on assessments of mobile applications and platforms as part of control validation and strategy definition.
  • Produce position papers and knowledge articles on testing/research performed.
  • Periodically review security reference architecture (security blueprints) and conduct updates/enhancements.


  • Skills and Experience

    Required


  • 5+ years' professional experience in security architecture, application/infrastructure security, penetration testing, secure software development, or related areas with a technical security focus.
  • 2+ years' experience in the mobile security domain with working knowledge in the following areas:

  • Mobile Platform Security - Understand mobile operating system architecture, inherent security controls, and risks present, specifically for iOS and Android.
  • Enterprise Mobile Device Management - OS controls (iOS/Android) and supporting management infrastructure.
  • Mobile Application Security - Working knowledge of mobile application development programming languages/solutions (e.g., Objective-C, Swift, Java, JavaScript, Kotlin, Cordova) and relevant secure coding/application design best practices.

  • Communication skills - Excellent written, oral, presentation, and listening, skills; ability to influence through factual reasoning.
  • Leadership/Collaboration - Ability to directly manage teams, operate in multiple virtual teams, or ability to operate as a sole-contributor.
  • Time Management - Adept at managing and delivering on multiple concurrent tasks with short timelines and using sound judgement when managing risks, prioritization, and escalation.

  • Required


  • Technical BS or Master's degree or equivalent experience

  • Mobile Security Architect- $100,000-$150,000- New York

    This role is being represented by Annapurna on behalf of the client. Please contact Daniel Wright to discuss d.wright@annapurnarecruitment.com