We help you grow and become
a global player

Application Security Architect

Karachi, Pakistan
Job Description: 

Systems Limited Karachi is looking for Application Security Architect. Candidate have to collaborate with solution architects, developers, product managers and R&D leaders to perform security assessments, design and code reviews, threat modeling, testing and fuzzing in order to identify and remove any existing or potentially emerging security defects in the software and/or software requirements and development lifecycle.

Essentials Skills: 
Develop and implement any necessary changes to improve security and eliminate vulnerabilities.
Champion security throughout the software development lifecycle and oversee all security and vulnerability related initiatives at the application level.
Mentor the development teams on application security best practices and identify common coding errors that could pose any security risks.
Work with QA team to develop proper security testing techniques.
Develop and maintain technical, security related documentation.
Play and active part in all governance process, ensuring application development adheres to necessary security policies and industry standards.
Technical Skills: 
Overall understanding of IT infrastructures, including application, databases, networks and systems.
Career experience working with enterprise grade software and security issues, including Critical Server Production Server Protection Systems, Vulnerability Management Systems, File Integrity, PKIs, Encryption, Access and Identity Control Systems.
Experience in security testing techniques, security auditing practices, and identifying underlying software defects that tend to result in security vulnerabilities.
Commercial experience with vulnerability scanning tools.
Application development experience using Object Oriented languages, Microsoft .Net Technologies (ASP.NET, C#, MVC).
Experience of using Security Testing tools,
Experience with multi-tenant architectures.
Expertise in the following areas: Encryption and Private Data, Cryptography, Multi-level security (MLS), Threat Modelling and Static Analysis, OWASP expertise required.
Knowledge of common classes of threats and vulnerabilities including buffer overflows, cross-site scripting, cross-site request forgery, cryptographic weaknesses and SQL injection.
Knowledge of standards and cutting edge techniques around Authorization and Authentication.
Strong analytical and problem-solving skills.
Understand and/or experience with Mobile operating systems (IOS, Android, Windows Phone) highly preferred.
Relevant industry certifications preferred (i.e. CISSP, ISSAP, CISM, CSSLP, GPEN, GWAPT, CEH, OSCP, etc…).
5+ Years Experience
Academic Qualification(s): 
Minimum Qualification: Bachelor’s Degree in Computer Science