Skip navigation

Application Security Architect

  • St-Petersburg, Russia
  • hot
Job #: 43630
Striving for excellence is in our DNA. Since 1993, we have been helping the world’s leading companies imagine, design, engineer, and deliver software and digital experiences that change the world. We are more than just specialists, we are experts.

DESCRIPTION


As an Application Security Architect you will be responsible for increasing Security Awareness among Project Teams and making products more robust and secure.

This kind of goal tends to be very challenging and include lots of various activities: from communicating with Customer explaining what IT Security in general and Application Security in particular mean, advocating consistent approach to Security through the whole SDLC for both Customer and the Development Team, tracking and helping the Team with Security-related activities, going deep into project details, creation of security-related artifacts, making contribution into Security Testing, etc.

Another very common case is when Application Security Architect is involved on the mature stage of SDLC for security review of already existing product.

Responsibilities

  • Perform Security Audits for on-going projects: both Architecture and Implementation/Code Review
  • Contribute in building Secure Architecture and Design for the new projects or making corrections to the existing ones
  • Work as a Security Advisor helping to establish secure development activities in SDLC end-to-end
  • Perform Security Trainings for Development Teams
  • Communicate with customers and teams, be able to convey the message about importance of security, the ways of establishing it and the wrong ways of enforcing it (e.g. do penetration testing before release)
  • Communicate with all sub-teams: BAs, Developers, QAs, building consistent understanding of Security Requirements, main Threats, Mitigation implemented
  • Be able to communicate and coordinate work with other Security Teams - Infrastructure Security Experts, Penetration Testers
  • Work as a consultant answering particular questions related to security in development
  • Work on Pre-sales making sure Security is addressed properly and taken into account in budget and effort estimations

Requirements

  • Knowledge of at least one Security Development methodologies (e.g. Microsoft SDL, OWASP CLASP, etc)
  • Knowledge of main Security-related activities in development such as Risk and Privacy Assessment, Threat Modeling, Security Code Review
  • Deep understanding of the nature of security threats, their classification
  • Knowledge of most common implementations of the Threats (e.g. XSS, SQL Injection, XSRF, buffer overruns, brute force, rainbow tables, DoS etc) and how they match the general classification
  • Understanding of main security principles, such as multi-layered protection (Defense in Depth)
  • Understanding of main areas of protection (Security, Privacy, Availability) and levels of defense (networking, infrastructure, OS, Application)
  • Understanding of mitigation mechanisms for every type of threats (e.g. validation, sanitizing, crypto-operations, etc)
  • Good knowledge of Security Features and Mechanisms provided by at least one OS (e.g. Windows, Linux, Android, iOS, etc) and development platform/technologies (e.g. Java, .NET Framework, databases, etc)
  • Familiarity with existing Security Standards (e.g. PCI DSS, HIPAA, NIST, Common Criteria, etc) and what does it mean to implement compliance with them
  • Familiarity with the tools for various security activities: Static Code Analysis, Penetration Testing, Intrusion Detection/Prevention, etc
  • Understanding of basic principles of infrastructure security and penetration testing
  • Ability to use the tools to perform actual attacks is a plus
  • Certification in any security area is a plus

We offer

  • Work with cutting-edge technologies and participation on projects in various domains
  • Opportunity to work in a distributed team on an international project
  • In-house education and training - Our educational platforms provide over 6,000 courses and trainings esigned to develop both technical and soft skills. Moreover, we have special educational programs for advanced specialists—Delivery Management School, Solution Architecture School, and Solution Architecture University. And even better yet, free English courses and conversational clubs are available for you right inside our offices
  • Participation in mentoring programs for both technical specialists and managers
  • Self-fulfillment opportunities beyond projects: we hold meetups and conferences where our employees act as speakers, invite trainers for speakers, and develop professional communities
  • Relocation opportunities—both within and outside Russia (EPAM's offices are present in ten Russian cities as well as in over 25 countries)
  • We support flexible hours and occasional remote work
  • Voluntary health insurance policy, including dental care, is available to you right from your first working day; in-house medical care is provided
  • Reimbursement for sports activities plus in-house yoga trainings. Moreover, you will be able to attend training sessions and participate in tournaments (soccer, basketball, and volleyball) with our corporate teams
  • Educational programs for children of our employees (in-house programming courses)

Наши сотрудники

ИЛЬЯ ПРИТУЛА
Ресурсный менеджер
Санкт-Петербург, Россия

ОЛЬГА КАЗАКОВА 
Руководитель проектов
Москва, Россия

ИЛЬЯ РОМАНОВ
Глава практики e-commerce
Москва, Россия

АЛЕКСЕЙ УДАЛОВ
Архитектор решений
Амстердам, Нидерланды

ЧЕМ МЫ МОЖЕМ ВАМ ПОМОЧЬ?


Наши офисы

  • Канада

    • Оттава

      343 Preston Street,
      ON K1S 1N4, Ottawa
      Canada

      Карта
    • Торонто

      5 Park Home Avenue,
      Suite 400,
      ON M2N 6L4, North York,
      Toronto
      Canada

      Карта
      Тел: +1-416-591-4004
      Факс: +1-416-595-1551
    Узнать больше
  • Мексика

    Узнать больше
  • США

    • Ньютаун

      41 University Drive,
      Suite 202,
      Newtown, PA 18940
      USA

      Карта
      Тел: +1-267-759-9000
      Факс: +1-267-759-8989
    • Белвью

      110 110th Ave. NE,
      Suite 310
      Bellevue, WA 98004
      USA

      Карта
    • Бостон

      21 Drydock Avenue,
      Suite 410 W,
      Boston, MA 02210
      USA

      Карта
    • Вашингтон

      7901 Jones Branch Drive,
      Suite 400,
      McLean, VA 22102
      USA

      Карта
    • Коншохокен

      101 East 8th Ave,
      Suite 201,
      Conshohocken, PA 19428
      USA

      Карта
      Тел: +1-484-382-1300
    • Лос-Анджелес

      11601 Wilshire Blvd,
      Suite 350,
      Los Angeles, CA 90025
      USA

      Карта
    • Нью-Йорк

      24 West 25th Street,
      5th Floor,
      New York, NY 10010
      USA

      Карта
      Тел: +1-267-759-9000
      Факс: +1-267-759-8989
    • Сан-Франциско

      222 Kearny Street,
      Suite 308,
      San Francisco, CA 94108
      USA

      Карта
    • Сан-Хосе

      2055 Gateway Place,
      Suite 510,
      San Jose, CA 95110
      USA

      Карта
    • Филадельфия

      30 South 15th Street,
      9th Floor,
      Philadelphia, PA 19102
      USA

      Карта
    Узнать больше
  • Австралия

    Узнать больше
  • Гонконг

    Узнать больше
  • Индия

    • Бангалор

      Smartworks,  
      Global Technology Park,
      Block C, Outer Ring Rd,
      Adarsh Palm Retreat, Bellandur,
      Bengaluru, Karnataka 560103
      India

      Карта
    • Пуна

      SmartWork Business Center Pvt Ltd,
      Suite 8, Level 1,
      West Wing, Nyati Unitree,
      Samrat Ashok Road,
      Yerwada, Pune - 411006,
      Maharashtra
      India

      Карта
    • Хайдарабад

      10, 11 & 12th Floors,
      Salarpuria Sattva Knowledge City,
      Plot No. 2, Phase - 1,
      Survey No. 83/1,
      Raidurgam Village,
      Serilingampally Mandal,
      Hyderabad, Telangana - 500081
      India

      Карта
      Тел: +91-40-47979900
    Узнать больше
  • Китай

    • Гуанчжоу

      Unit B01, 23/F,
      Yuexiuxinduhui Building,
      No. 236, 6th Zhongshan Road,
      Yuexiu District, Guangzhou,
      China 510180

      Карта
    • Сучжоу

      Building 12, Creative Industrial Park,
      328 Xinghu Street,
      Suzhou Industrial Park,
      Suzhou, China 215123

      Карта
    • Шанхай

      Room B509, 5th Floor,
      48 Weihai Road,
      Huangpu District, Shanghai,
      China 200000

      Карта
      Тел: +86-21-53080606
    • Шэньчжэнь

      3/F, Block 5, Vision Shenzhen Business Park,
      9th Gaoxin South Road, 
      Shenzhen Hi-tech Industrial Park,
      Nanshan District, Shenzhen,
      Guangdong, China 518057

      Карта
    Узнать больше
  • ОАЭ

    • Дубай

      EPAM Systems FZ-LLC
      Dubai Branch,
      Building 16, Office 241,
      Dubai Internet City,
      PO Box 501929, Dubai
      United Arab Emirates

      Карта
      Тел: +971-4-568-3569
    Узнать больше
  • Сингапур

    Узнать больше
  • Япония

    • Tokyo

      Floor 1-10-11
      Shibadaimon Centre Building 10th
      Shibadaimon Minato-ku
      Tokyo 105-0012
      Japan

      Карта
      Факс: +81-03-6880-9201
    Узнать больше