Experience a community of support
IT Application Security Architect04/11/2019 Locations Berlin-CT
Job Description Summary:
The IT Application Security Architect (ITASA) will work with IT to support all business units and various technology areas to ensure Confidentiality, Integrity and Availability to Eversource applications. The ITSA will succeed by working closely with Eversource project teams, Eversource Business Groups, and the IT Security team to ensure appropriate and effective security controls are in place for new Eversource initiatives.
The ITASA will lead and mentor a team of application security engineers. This team will be responsible for reviewing, disseminating and updating security policies, standards, and controls related to application security. The team will also work with the responsible parties to identify, assess and remediate risks related to application security.
The ITSAA will lead the application security program to evaluate, recommend, design and implement application security solutions to increase Eversource’s application security posture. Third party tools and partners will be evaluated as necessary, and automation of tools and processes will also be a driving goal. The ITASA will support the security roadmap for IT Security and lead the roadmap for application security by working with the other IT Architects to make sure it is aligned to Eversource domain standards and the overall security roadmap.
- Develop and recommend cyber-security technology strategies, publish Eversource security standards, develop security solutions for projects and Infrastructure and methods to monitor compliance.
- Provides security recommendations and functional requirements to internal business groups.
- Coordinates and resolves complex technical security problems and challenges.
- Anticipates and prepares for emerging business, application and infrastructure needs, and translates these needs into security requirements.
- Runs and manages research, automation, and technology evaluation projects.
- Ability to anticipate and respond to changing priorities, and operate effectively in a dynamic demand-based environment, requiring extreme flexibility and responsiveness
- Produce high quality oral and written work, presenting complex technical matters clearly and concisely with audiences ranging from peers to senior management
- Be familiar with current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy
- Recommend effective process changes to enhance Eversource’s security posture.
- Evaluate, test and select security tools, evaluation products, and control products.
A minimum of 7 years of experience in the field of information technology plus additional 3-5 years of enterprise development. Strong working knowledge of information systems security standards and practices. Knowledge across many of these areas:
Application Encryption Key Management, Database Security, System authentication and authorization, Enterprise Directory Services, Azure SaaS /PaaS Security and Design, Web server configuration and hardening, Mobile Application security, Networking, or related information security subject area.
- Experience with OWASP top 10
- Experience standing up technical teams
- Experience with application and systems architectures
- Knowledge of web application penetration tool sets
- Bachelor’s degree preferred.
- Experience with and knowledge of NIST, ISO27001, or COBIT
Number of Openings:1
SEO Category:IT Jobs
Eversource Energy is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to age, race, color, sex, sexual orientation, gender identity, national origin, religion, disability status, or protected veteran status.
VEVRRA Federal Contractor