Application Security Architect - London/Remote

Application Security Architect – London/Remote

Atrium UK are looking for an accomplished Application Security Architect to work closely with all levels of engineering and solution architecture teams to produce technical requirements and ensure solutions work together and fulfil business needs. This is a remote role with occasional visit to the London office. You must be based within the UK and be able to travel to the London Office when needed. PAYE/umbrella option/ Inside IR35. Investigate and resolve complex and high-priority incidents. Communicate to senior management on risk management concepts, as well as specific project risks and risk mitigation options/scenarios.

• Manage a portfolio of applications and projects from inception to completion, ensuring the correct security controls are put in place.
• Maintain a deep understanding of the business, our patients and healthcare-delivery models. This understanding includes key systems, key contacts, priorities and concerns within the business and IT.
• Ensure Information Security policies and procedures are up to date, relevant and adhered to, including security and technical standards.
• Perform vulnerability testing, risk analysis, and security architecture assessments.
• Relates well to constraints experienced by business partners and finds practical, win-win solutions.
• Analyzes customer needs; ensures solutions meet business and security requirements.
• Holds self and others accountable for meeting customer needs and expectations in a timely, professional manner.
• Maintains high personal accountability; takes ownership of issues, develops effective remediation approaches, and drives for results.
• Employs business acumen to develop appropriate solutions and solve problems - understands business risks and business objectives. Understands health care delivery and provider environments.
• Able to translate business needs into information security requirements.
• Ability to communicate technical security risks in a manner that resonates with business leaders.
• Ability to establish and manage to a planned set of related activities with a focus on hitting deadlines.
• Stay up to date with industry trends, best practices and regulatory standards that may impact product implementations.

Essential:

• Extensive experience of Application security architecture
• Experience working in large and highly regulated organizations and agile environments.
• Experience with practical interpretation and application of policy and standards.
• Subject matter expert knowledge of the technology aspects of security.
• Experience with implementation of Security within development pipelines and Dev Ops with a good understanding of customer centric design principles and software development.
• Experience with GDPR, HIPAA & PCI frameworks
• Technical security certification like CISSP, CCSP, CEH, Microsoft Azure or AWS or equivalent
• Thorough understanding of Development and Architecture roles such as DevOps, SRE, Solution/Technical Architect and Senior Developer
• Working knowledge of secure development practices and standards such as OWASP and MITRE especially on cloud providers
• Excellent written and verbal communication skills with Stakeholder management and interpersonal skills at both a technical and non-technical level as well as at various levels of seniority.
• Identifying the need for new, or changes to existing, security patterns for UI, API, and micro services.
• Threat Modelling and dynamic security testing experience, to identify any security risks before live deployment
• Development experience in .NET and/or Java. Experience with scripting (e.g. python, PowerShell, bash). Experience of web application and API development (Typescript, React, HTTP, PHP).
• Demonstrable Understanding of cryptography concepts.
• Business analysis experience such as requirements gathering and modelling use cases and scenarios
• Knowledge of information security concepts and technologies such as IDS, email gateways and desktop security products, SIEM and SOAR platforms, web application firewalls and vulnerability management tools.

Click Apply now to be considered for the Application Security Architect – London/Remote role