Share this Job

Security Architect DevOps

Apply now »

Date: Nov 20, 2021

Location: Halifax, NS, CA

Company: NTT DATA Services

Req ID: 159297 

NTT DATA Services strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.

We are currently seeking a Security Architect DevOps to join our team in Halifax, Nova Scotia (CA-NS), Canada (CA).

Provide security architecture assessments of technology systems and processes to identify business risks and recommend remedial action based on established security standards or security best practices. You will be working on multiple security architecture and design assessments spanning multiple classes of technologies.  The Integrator works with team members (Technology, Business, Suppliers, Stakeholders, and Partners) globally to perform assessments. To be successful as an Integrator the candidate must have broad technology experience coupled, risk management, communication, and time management skills. The candidate will be working with a global team of experts on modernizing the Firm’s SDLC platform to enable deployment automation to private and public cloud endpoints and SaaS-based tooling. This role affords the opportunity to get in on the ground floor to help build the next generation of development and deployment tooling across a diverse set of tech stacks for the next decade

 

Responsibilities:

  1. Lead deep dives with the requestor of the assessment
  2. Prioritize risks identified in relation to business risks
  3. Conduct assessment and provide technology risk/requirements to the requestor. Areas covered:
    • Authentication, Authorization, Auditing
    • Application Security – Session Security, Vulnerability/Pen Testing items, Input Validation
    • Secure data transport and storage
  4. Periodically review security reference architecture (security blueprints) and conduct updates/enhancements
  5. Participate in various Operational and Technology Risk governance processes
  6. Assist in identifying new areas and opportunities of technology investment for the firm

 

Skills and Experience

Soft Skills (Required)

  1. Excellent communication skills: written, oral, presentation, listening
  2. Ability to influence through factual reasoning
  3. Time management: ability to handle multiple concurrent assessments, plan based deliverable management, strong follow up and tracking
  4. Strong focus on delivery when presented with short timelines and increased involvement from senior management
  5. Ability to adjust communication of technology risks vs business risks based on the audience

 

Security Architecture Skills

  1. Required – In-depth knowledge of application, network, and platform security vulnerabilities. Ability to explain these vulnerabilities to developers
  2. Required – Experience in conducting Information Security, IT Security, Audit assessments. Presenting the outcomes of the assessment and obtaining buy-in.
  3. Required – Strong focus on reviewing technical designs and functional requirements to identify areas of Security weakness.
  4. Required – Knowledge of Azure cloud, Azure DevOps, and CI/CD
  5. Required – The candidate must have working experience in the following application/network security domains:
    • Authentication: SAML, SiteMinder, Kerberos, OpenId
    • Entitlements and identity management
    • Data protection, data leakage prevention, and secure data transfer and storage
    • App Security - validation checking, software attack methodologies
    • Cryptography – encryption, and hashing
  6. Desired - Prior experience administering systems for version control (Bitbucket, Github), issue tracking (Jira), continuous integration (Jenkins, Github Actions)), or release management.
  7. Desired – Knowledge of standard network model and the risks that present at each layer, the functions of network equipment such as switches, routers, firewalls, proxies, vpn, and load-balancers, and to understand network architecture.
  8. Desired - The candidate must have a working knowledge of the primary operating systems (Unix, Windows, z/OS, Mac OS), the configuration and management of that platform at an enterprise scale, the security risks to that platform, and how to mitigate those risks.
  9. Desired - experience in testing tools, at least one of Veracode, Fortify, OunceLabs, AppScan, WebInspect, Burp

 

Development Experience

  1. Required – Even though the Integrator role is not a development role, the candidate must have previous background in programming, design, and application architecture.
  2. Required – In order to be a practical Integrator, the candidate must have experience implementing complex applications in an enterprise environment.
  3. Required – working knowledge of programming and scripting languages: Java, JavaScript, C#, C/C++, Perl, Python, Ruby
  4. Desired – In-depth knowledge of web technologies such as Web Browsers, Web Servers, Web Services

 

Other Areas of Expertise

  1. Frameworks, protocols, and subsystems:  J2EE, .NET, Spring, RPC, SOAP,  MQSeries, JMS, RMI, JMX, Hibernate.
  2. Knowledge of JSP /Servlet/EJB or ASP.NET, HTTP/HTTPS, Cookies, AJAX, JavaScript, Flex / Silverlight.
  3. Database design and programming experience
  4. Experience in liaising with 3rd Party Entities (exchanges, suppliers, regulators)
  5. Experience in conducting and/or reviewing penetration tests, dynamic vulnerability assessments, and static vulnerability assessments
  6. Understanding of geographic regulations and their impact on Security assessments
  7. Previous experience in Financial Services is preferred
  8. CISSP or other industry qualification
  9. Desired – experience working with global organizations

 

Educational Requirements

Bachelor’s Degree with minimum 5 years relevant work experience in a high-paced, enterprise environment

 

#INDFSINS
#L1-NAM


For more information email jonathan.jokubaitis@nttdata.com
 

About NTT DATA Services

NTT DATA Services is a global business and IT services provider specializing in digital, cloud and automation across a comprehensive portfolio of consulting, applications, infrastructure and business process services. We are part of the NTT family of companies, a partner to 85 % of the Fortune 100.

NTT DATA Services is an equal opportunity employer and will consider all qualified applicants for employment without regard to race, gender, disability, age, veteran-status, sexual orientation, gender identity, or any other class protected by law. To learn more, please visit https://us.nttdata.com/en/about-us/content/diversity-and-inclusion. Furthermore, NTT DATA Services will make accommodations for eligible applicants on a case-by-case basis. Please email EEOOfficer@nttdata.com for assistance.


Job Segment: Consulting, Developer, Cloud, Java, Database, Technology