Security Architect, Charles River Development, Assistant Vice President

Summary:

The Security Architect is a leading technical contributor to maintain and enhance the software security program at Charles River Development. The security program encompasses vulnerability identification and tracking, assessment and scoring (via CVSS), vulnerability remediation management, software design review, code review and threat modeling.

The role requires comprehensive knowledge of security attack vectors from the operation system through the application layer and persistent layer and related defensive controls for preventing, detecting, and mitigating attacks in both on premise and public cloud scenarios.

The Security Architect will leverage security policies to help enhance procedures, and best practices across the Charles River Development application stack. In addition, this role will work very closely with various teams and stakeholders to execute the security policies, procedures and best practices.

Responsibilities:

• Lead and perform threat modeling and security architecture reviews for our products / applications.
• Collaborate with development teams to integrate security best practices into the software development lifecycle.
• Identify security risks and vulnerabilities in our applications/ Products.
• Work with subject matter experts to develop vulnerability remediation plans and drive implementation
• Perform security code review. Capable to quickly identify common implementation pitfalls which will lead to security vulnerabilities.
• Triage vulnerability findings through industry standard threat scoring practices (CVSS).
• Development and application of security configuration, deployment best practices, and key security controls for deployment hardening.
• Deliver security awareness training to the development organization on a periodic basis.
• Keep apprised of new offensive threats and the defensive technologies to defeat or mitigate attacks.
• Monitor the software industry for vulnerabilities that could affect Charles River Development products.

Education:

• B.S. degree (or foreign education equivalent) in Computer Science, Engineering, Mathematics, and Physics or other technical course of study required. MS degree strongly preferred.

Qualifications/Experience:

• A minimum of 7+ years of progressively responsible experience as security engineer, among which at least 2+ years of focus on secure SDLC is required.
• Demonstrated knowledge of common vulnerabilities and corresponding remediation approaches.
• Advanced technical knowledge of techniques, standards and state-of-the art capabilities for identity management, authentication, authorization, Single-Sign-On, applied cryptography, and security vulnerability remediation.
• Strong working experience of security architecture assessment and threat modelling for web applications and services are required.
• Knowledge of Azure cloud and container security is preferred.
• Certifications such as CISSP, CISM, SABSA, TOGAF or similar are a plus.
• Strong written and verbal communication skills.
• Strong analytical and problem-solving skills.

About State Street

What we do. State Street is one of the largest custodian banks, asset managers and asset intelligence companies in the world. From technology to product innovation we’re making our mark on the financial services industry. For more than two centuries, we’ve been helping our clients safeguard and steward the investments of millions of people. We provide investment servicing, data & analytics, investment research & trading and investment management to institutional clients.

Work, Live and Grow. We make all efforts to create a great work environment. Our benefits packages are competitive and comprehensive. Details vary in locations, but you may expect generous medical care, insurance and savings plans among other perks. You’ll have access to flexible Work Program to help you match your needs. And our wealth of development programs and educational support will help you reach your full potential.

Inclusion, Diversity and Social Responsibility. We truly believe our employees’ diverse backgrounds, experiences and perspective are a powerful contributor to creating an inclusive environment where everyone can thrive and reach their maximum potential while adding value to both our organization and our clients. We warmly welcome the candidates of diverse origin, background, ability, age, sexual orientation, gender identity and personality. Another fundamental value at State Street is active engagement with our communities around the world, both as a partner and a leader. You will have tools to help balance your professional and personal life, paid volunteer days, matching gift program and access to employee networks that help you stay connected to what matters to you.

State Street is an equal opportunity and affirmative action employer.

Discover more at StateStreet.com/careers

State Street's Speak Up Line