Product and Application Security Architect - Frankfurt am Main, Deutschland - FactSet Research Systems
![FactSet Research Systems](https://contents.bebee.com/public/img/noimg-businessx400.jpg)
FactSet Research Systems
Frankfurt am Main, Deutschland
Geprüftes Unternehmen
vor 3 Wochen
Beschreibung
Role/Department Description:
- This position will report directly to the Product and Application Security Director._
Key Duties and Responsibilities:
- Conduct regular security assessments and vulnerability analysis to identify potential risks and propose appropriate mitigation strategies
- Conduct code reviews and penetration testing to identify security vulnerabilities and suggest remediation measures
- Stay updated with the latest security technologies and trends, incorporating them into existing security frameworks as necessary
- Define and enforce security policies, standards, and procedures to maintain strong security posture
- Conduct security trainings and workshops to raise security awareness among team members
- Keep uptodate documentation on security architecture designs, policies, procedures, and incident response plans
- Support the automation of security testing and more efficient discovery, tracking, and resolution of security vulnerabilities
- Collaborate closely with security champions to enhance and optimize our security champion program, fostering continuous improvement and promoting a proactive approach to security throughout the organization
Preferred Qualifications:
- Bachelor's or Master's degree in Information Security, Computer Science, or a related field
- Experience with threat modeling, risk assessments, and vulnerability management
- Proficiency with security tools such as static and dynamic analysis tools, penetration testing frameworks, and vulnerability scanners
- Familiarity with relevant security frameworks, standards, and regulations (e.g., ISO 27001, NIST, GDPR)
- Excellent communication and interpersonal skills, with the ability to effectively collaborate with crossfunctional teams and senior stakeholders
- Relevant certifications such as CISSP, CSSLP, and OSCP are highly desirable
- Strong analytical and problemsolving abilities, with a keen attention to detail
- Strong Knowledge of development and integration tools and technologies (e.g. CI/CD)