EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.EPAM is looking for an Application Security Architect to join the Security practice to work directly with our biggest enterprise customers.ResponsibilitiesLead and coordinate Security Audits across the software development lifecycle: from Architecture, Process, Risk to TestingEstablish secure software development lifecycle (SSDLC) programsSupport software development teams in secure development methodologies, tools, and processesTrain Software Development teams in the areas of secure developmentBuilding Secure Architecture and Design for the projectsCommunicate with customers and teams, be able to convey the message about importance of Secure Software development Life Cycle, the ways of establishing itCooperate with all sub-teams: BAs, Developers, Qas; build consistent understanding of Security Requirements, main Threats, Mitigations implementedBe able to communicate and coordinate work with other Security Teams - Cloud Security Engineers, Infrastructure Security Engineers or Penetration TestersRequirementsSoftware Development or Security-focused university degree OR equivalent experienceMotivation to develop and grow in the field of SecurityFamiliarity in one or more Security Development methodologies (e.g. Microsoft SDL, OWASP OpenSAMM, BSIMM, etc.)Familiarity with Threat Modeling, hands-on experience with one or more Threat Modeling ToolsUnderstanding of main Security-related activities in development such as Security Requirements gathering, Risk Assessment, Security Code ReviewFamiliarity with of security threat, their implementation and their classificationUnderstanding of main security concepts and principlesUnderstanding of main areas of protection and levels of defenseNice to haveKnowledge of cybersecurity tools within categories such as Static Code Analysis, Penetration Testing, and Intrusion Detection/PreventionUnderstanding of Security Features and Mechanisms within one or more OS or development platforms/technologiesSkills in implementing mitigation mechanisms for different types of threatsCompetency in working with established security standards and regulations and implementing their requirementsFamiliarity with foundational principles of infrastructure security and penetration testingExpertise in cloud security controls and policiesRelevant certifications like CISSP, CCSP, SANS GIAC or similar qualifications are beneficialBackground in Cloud SecurityWe offer/BenefitsWe believe that the greatest strength of the company is its people. EPAM is fully committed to help its employees to reach their full potential and achieve their professional goals through continues learning. With this in mind, we would like to introduce to you few of the many opportunities and services which we believe will help you expand your current knowledge: * Career development opportunities with a transparent career path
Wide range of professional trainings, workshops, and mentoring programs plus unlimited access to LinkedIn Learning
Learning resources and financial support for completing certification programs
Christmas and Vacation bonus
Corporate Health Insurance (basic and supplementary)
Free yearly medical check-ups
25 days of vacation
Refer a FriendKnow someone who would be a great fit for this opportunity? Refer now
