Project Name: The Data Center Colocation and Migration Project

TASKS & DUTIES:

• Objective:
  • Implement Software Security Assurance Process for all HRA/DSS/DHS Applications identified for Data Migration Project to make the applications compliant within mandated Citywide Security Policies
• Scope/Task Breakdown:
  • Evaluate and scope applications with the application development teams to identify criticality of the application and identify data sources and elements.
  • Enforce application security requirements
  • Evaluate application architecture to identify gaps in infrastructure security
  • Create and enforce standards for use of Firewalls, WAF, Identity Management and Multi Factor Authentication
  • Onboard Applications to Threat Modeler and Vulnerability Scanners
  • Configure Applications on Vulnerability Scanners to perform Static and Dynamic Scans
  • Configure and generate application vulnerability scan reports

REQUIRED SKILLS

• 5+ years of experience in Application Security & Industry Standards (OWASP, NIST)
• 5+ years of experience in Secured Software Development Life Cycle (SSDLC)
• 5+ years of experience in Threat Modelling & Risk Assessments
• 5+ years of experience in Application Scanning for Vulnerabilities (SAST, DAST)
• 5+ years of experience in Integration of Security in CI/CD Pipeline, DevOps, Dev SecOps (Azure, Jenkins)
• 5+ years of experience in API Security & Access Controls (OAuth, SAML, SSO)
• 5+ years of experience in Cloud Security
• 5+ years of experience in Agile Environment Collaboration
• 5+ years of experience in Project Management
• 5+ years of experience in Cross-Functional Team Collaboration
• 5+ years of experience in Client Engagement & Communication
• 5+ years of experience with Operating Systems: Windows Server, Apache, Microsoft IIS, Windows, Linux, VMware, Citrix
• 5+ years of experience with Technology Stack: ASP, .NET, Visual Basic.NET, Visual Basic, Cold Fusion, JavaScript, HTML, C++, C#, MS PowerApps, Python, Powershell, Shell Scripting, Selenium
• 5+ years of experience with Security Tools — Must Have: VERACODE, IBM Appscan, SD Elements, Burp Suite
• 5+ years of experience with Security Tools — Plus to Have: CHEKMARX, Fortify, Prowler, SonarQube, SNYK, Wireshark, OWASP ZAP, Rapid7, STRIDE

If you are interested in getting more information about this opportunity, please contact Irina Rozenberg  Recruiting@arielpartners.com at your earliest convenience.
 
At Ariel Partners, we solve the most difficult problems that inhibit technology from enabling our customers to achieve their goals. Our vision is to be recognized by our stakeholders as an elite provider of IT solutions, so when they have their biggest challenges, we are on their short list. We are looking for team members who share our values of: Integrity to do the right thing even when it hurts; Commitment to the long-term success and happiness of our customers, our people, and our partners; Courage to take on difficult challenges, accept new ideas, and accept incremental failure; and the constant pursuit of Excellence. Ariel Partners is an Equal Opportunity Employer in accordance with federal, state, and local laws.