Skip navigation

Security Architect

  • Minsk, Belarus
  • hot
Job #: 24899
Currently we are looking for a Security Architect for our Minsk office to make the team even stronger.

As an Application Security Architect, you will be responsible for increasing Security Awareness among Project Teams and making products more robust and secure.

This kind of goal tends to be very challenging and includes lots of various activities: from communicating with a customer, explaining, what IT Security means in general and Application Security in particular, advocating consistent approach to security through the whole SDLC for both customer and the Development Team. You will be tracking and helping the team with security-related activities, going deep into project details, creating the security-related artifacts, making contribution into Security Testing etc. Another very common case is when an Application Security Architect is involved in the mature stage of SDLC for security review of already existing product.

Responsibilities

  • Perform security audits for ongoing projects: both Architecture and Implementation/Code Review
  • Contribute in building Secure Architecture and Design for the new projects or making corrections to the existing ones
  • Work as a Security Advisor helping to establish secure development activities in SDLC end-to-end
  • Perform Security Trainings for Development Teams
  • Communicate with customers and teams, be able to convey the message about importance of security, the ways of establishing it and the wrong ways of enforcing it (e.g. do pen testing before release)
  • Communicate with all sub-teams: BAs, Developers, QAs, building consistent understanding of Security Requirements, main Threats, and Mitigations implemented
  • Be able to communicate and coordinate work with other Security Teams - Infrastructure Security Experts, Penetration Testers
  • Work as a Consultant answering particular questions related to security in development
  • Work on pre-sales making sure Security is addressed properly and taken into account in budget and effort estimations

Requirements

  • Knowledge of at least one Security Development methodologies (e.g. Microsoft SDL, OWASP CLASP etc.):
    • Knowledge of main Security-related activities in development such as Risk and Privacy Assessment, Threat Modeling, Security Code Review
  • Deep understanding of the nature of security threats, their classification:
    • Knowledge of the most common implementations of the Threats (e.g. XSS, SQL Injection, XSRF, buffer overruns, brute force, rainbow tables, DoS etc.) and how they match the general classification
  • Understanding of the main security principles, such as multi-layered protection (Defense in Depth)
  • Understanding of the main areas of protection (Security, Privacy, Availability) and levels of defense (networking, infrastructure, OS, Application)
  • Understanding of mitigation mechanisms for every type of threats (e.g. validation, sanitizing, crypto operations etc.)
  • Good knowledge of Security Features and Mechanisms provided by at least one OS (e.g. Windows, Linux, Android, iOS etc.) and development platform/technologies (e.g. Java, .NET Framework, databases etc.)
  • Familiarity with existing Security Standards (e.g. PCI DSS, HIPAA, NIST, Common Criteria etc.) and what does it mean to implement compliance with them
  • Familiarity with the tools for various security activities: Static Code Analysis, Pen Testing, Intrusion Detection/Prevention etc
  • Understanding of basic principles of infrastructure security and penetration testing
  • Ability to use the tools to perform actual attacks is a plus
  • Certification in any security area is a plus

We offer

  • Innovative solutions delivery to the world’s digital changes
  • Experience exchange with colleagues all around the world
  • Opportunities for self-realization
  • Friendly team and enjoyable working environment
  • Engineering, corporate and social events
  • Social package: professional & soft skills trainings, medical & family care programs, sports
  • Free English classes
  • Flexible working schedule

Здравствуйте, чем мы можем вам помочь?


Наши офисы

  • Канада

    • Оттава

      343 Preston Street,
      ON K1S 1N4, Ottawa
      Canada

      Карта
    • Торонто

      5 Park Home Avenue,
      Suite 400,
      ON M2N 6L4, North York,
      Toronto
      Canada

      Карта
      Тел: +1-416-591-4004
      Факс: +1-416-595-1551
  • Мексика

  • США

    • Ньютаун

      41 University Drive,
      Suite 202,
      Newtown, PA 18940
      USA

      Карта
      Тел: +1-267-759-9000
      Факс: +1-267-759-8989
    • Белвью

      110 110th Ave. NE,
      Suite 310
      Bellevue, WA 98004
      USA

      Карта
    • Бостон (Массачусетс)

      21 Drydock Avenue,
      Suite 410 W,
      Boston, MA 02210
      USA

      Карта
    • Вашингтон

      7901 Jones Branch Drive,
      Suite 400,
      McLean, VA 22102
      USA

      Карта
    • Кембридж (Массачусетс)

      One Mifflin Place
      Cambridge, MA 02138
      USA

      Карта
      Тел: +1-267-759-9000
      Факс: +1-267-759-8989
    • Коншохокен (Пенсильвания)

      101 East 8th Ave,
      Suite 201,
      Conshohocken, PA 19428
      USA

      Карта
      Тел: +1-484-382-1300
    • Маунтин-вью

      465 Fairchild Dr,
      Building B, Suite 221,
      Mountain View, CA 94043
      USA

      Карта
    • Нью-Йорк (Нью-Йорк)

      24 West 25th Street,
      New York, NY 10010
      USA

      Карта
      Тел: +1-267-759-9000
      Факс: +1-267-759-8989
    • Филадельфия (Пенсильвания)

      30 South 15th Street,
      9th Floor,
      Philadelphia, PA 19102
      USA

      Карта
  • Австралия

  • Гонконг

  • Индия

    • Бангалор

      Smartworks,  
      Global Technology Park,
      Block C, Outer Ring Rd,
      Adarsh Palm Retreat, Bellandur,
      Bengaluru, Karnataka 560103
      India

      Карта
    • Пуна

      Level 6,
      Pentagon Tower P-2,
      Magarpatta City,
      Hadapsar,
      Pune - 411013,
      Maharashtra
      India

      Карта
    • Хайдарабад

      North wing,
      JVP Building, Plot No. 5,
      Software Units Layout
      Madhapur,
      Hyderabad - 500081
      India

      Карта
      Тел: +91-40-47979900
  • Китай

    • Гуанчжоу

      Unit B01, 23/F
      Yuexiuxinduhui Building
      No. 236, 6th Zhongshan Road
      Yuexiu District
      510180 Guangzhou, China

      Карта
    • Сучжоу

      18F, Phase 3
      Science Plaza
      1355 Jinjihu Avenue
      Suzhou Industrial Park
      215021 Suzhou, China

      Карта
    • Шанхай

      Room B509, 5th Floor,
      48 Weihai Road,
      Huangpu District, Shanghai,
      China 200000

      Карта
    • Шэньчжэнь

      Vision Shenzhen Business Park
      No. 9 Gaoxin 9th South Road
      Building 5, Floor 3
      Shenzhen Hi-Tech Industrial Park
      Nanshan District
      518057 Shenzhen
      China

      Карта
  • ОАЭ

    • Дубай

      EPAM Systems FZ-LLC Dubai Branch
      2307 Arenco Tower, Dubai Media City
      PO Box 501929 Dubai
      United Arab Emirates

      Карта
      Тел: +971-4-568-3569
  • Сингапур

    • Сингапур

      6 Raffles Quay
      #16-01,
      Singapore 048580

      Карта
      Тел: +65-6812-7843
      Факс: +65-6812-7889
  • Япония

    • Токио

      Floor 1-10-11
      Shibadaimon Centre Building 10th
      Shibadaimon Minato-ku
      Tokyo 105-0012
      Japan

      Карта
      Факс: +81-03-6880-9201