Responsibilities:
• Provide the applications security viewpoint to technology strategies, conceptual models, policy and architectural guidance of other domains
• Author and review content for producing strategies, conceptual models, policy and architectural guidance directly related to applications security
• Complete Security Design Assessments & Security Build Assessments
Qualifications:
• Excellent English communication skills, written and spoken
• Deep knowledge and experience with web services and services management technology and products, preferably across all three platforms: Java, .NET and z/OS
• Deep knowledge and experience with industry standards specific to web services and services management.
• Understanding of the CtP Process
• Understanding of the Security Design & Build Assessment process/procedure
• Certified Information Systems Security Professional (CISSP) certification
• Knowledge of best practices for Java and .NET
• Software development experience with either Java or .NET is a plus
• Threat Modeling experience
• 5+ years of IT security experience
• Experience with ESIS and using the ESPS security control standards
• Product/process/offering security design assessment experience
• White box testing experience is a plus
• Knowledge of white box testing methodology
• Experience with Service Oriented Architecture (SOA) & Web 2.0
• Experience with performing manual security source code reviews
• Experience with the OWASP Top 10 web application vulnerabilities
• Experience with PCI, HIPAA, and other industry standards
• Experience with Personally Identifiable Information (PII) and how to properly protect it