Applications Security Architect- CISSP, SANS GIAC, security+ and MCSE required

Job Description

Modis (a leader in the I.T. staffing industry) has a premier client in the Charleston, SC area seeking outstanding candidates for the following 9 month contract-to-hire opportunity:
As the Application Security Architect you will provide vision and leadership for application security as it supports our business.  You will work closely with the engineering organization to create innovative security solutions for our systems and educate our engineering team on secure application development. Additionally, you will play a key role as you provide both strategic and tactical security leadership and develop technology solutions which promote securing customer data including examining new and existing technologies. Responsibilities include identifying and understanding the networks, infrastructure, software, middle-ware and development practices that make them successful in order to identify the security issues that can put our data at risk, and then building solutions and mitigations to help resolve those risks. 

Responsibilities include: 

• Guide the security of applications by participating in design reviews, SDLC, and in depth security penetration testing of our code and systems.  
• Provide input on application design, secure coding practices, log forensics, log design and code security.  
• The ideal candidate will have in-depth experience protecting against web services security vulnerabilities including cross-site scripting, SQL injection, DoS attacks, business logic, Java, .NET and APIs.  
• Maintain an ongoing process of evaluation and testing for compliance with established security design standards.  
• Ensure security testing measures are integrated into the quality assurance program. 
• Lead the effort to provide on-going training and awareness regarding application security to development, quality, and architecture teams. 
• Act as a technical resource and communicate security vulnerabilities while also providing recommendations to address or mitigate associated risk. 
• Represent security interests on project teams by ensuring security standards and requirements are defined as part of the deliverables. 
• Participate in security testing and application assessments. 
• Develop and implement information security policies and procedures.  
• Provide planning and review of system and network designs to ensure compliance with company security policies and security best practices.  
• Define application hardening; assist in the audit of security configurations for compliance and implement solutions to prevent identified variances from re-occurring.  
• Evaluate new products, methods, and technologies to protect against existing and emerging security threats.  
• Provide configuration tuning, troubleshooting services and incident response for security infrastructure where needed.  
• Work with sensitive, confidential and/or proprietary information while maintaining the highest level of confidentiality, professionalism, and ethics.  
• Identify and resolve complex issues and develop innovative solutions to achieve both business and technology goals while maintaining appropriate security.  

Basic Qualifications
Bachelor's degree. 
5+ years of broad work experience including administration, engineering and security. 
3+ years of experience in application security design. 
Ensure security standards are built into the SDLC. 
Strong understanding of OWASP Top Ten and WASC Threat Classifications. 
Extensive programming and application development experience in multiple languages such as Java, .NET, and scripting language. 
Experience with Application Security testing tools and methodologies.
Knowledge of security and privacy requirements such as PCI, SOX, SAS-70, HIPAA, and Privacy regulations.
Must be willing to relocate to Charleston, SC.
Applicants must submit a writing sample. 

Additional Qualifications:
Ability to work on multiple projects simultaneously and balance conflicting demands
Strong sense of professionalism, integrity and ethics
Ability to combine technical skills with an understanding of business needs to successfully protect assets
Excellent communication, presentation, and leadership skills
Ability to demonstrate strategic thinking
Extensive problem solving and analytical skills
Proven ability to communicate effectively, both verbally and in writing to technical and non-technical audiences
A post secondary education is strongly preferred, graduate work a plus
CISSP, SANS GIAC, security+, MCSE or equivalent certifications are a plus
Familiarity with multi-platform environments and their operational/security considerations. 

Please note that this position is NOT currently available to candidates requiring a visa sponsorship.

Please also note that this position is a 9 month contract-to-hire on site in Charleston, SC and NOT available to telecommute situations nor long term contractors.

Please forward all resumes of highly qualified parties only interested interested in a 9 month contract-to-hire on site in Charleston, SC to:
todd.bonner@modis.com

About Modis

MODIS is a leader in information technology (IT) consulting and solutions. With offices and operations in over 60 cities throughout the U.S., Canada, the UK and Europe, MODIS delivers world-class IT solutions to more than 1,000 mid-market and Fortune 1000 clients in virtually every industry. And as part of the MPS Group, a $2.2 billion publically traded company on the New York Stock Exchange, MODIS brings the financial strength and resources to help you meet your IT goals.