Application Security Architect - London/Remote

Application Security Architect – London/Remote

Atrium UK are looking for an accomplished Application Security Architect to work closely with all levels of engineering and solution architecture teams to produce technical requirements and ensure solutions work together and fulfill business needs. This is a remote role with occasional visits to the London office. You must be based within the UK and be able to travel to the London Office when needed. PAYE/umbrella option/ Inside IR35. Investigate and resolve complex and high-priority incidents. Communicate to senior management on risk management concepts, as well as specific project risks and risk mitigation options/scenarios.

• Manage a portfolio of applications and projects from inception to completion, ensuring the correct security controls are put in place.
• Maintain a deep understanding of the business, our patients, and healthcare delivery models, including key systems, key contacts, priorities, and concerns within the business and IT.
• Ensure Information Security policies and procedures are up to date, relevant, and adhered to, including security and technical standards.
• Perform vulnerability testing, risk analysis, and security architecture assessments.
• Relate well to constraints experienced by business partners and find practical, win-win solutions.
• Analyze customer needs; ensure solutions meet business and security requirements.
• Hold self and others accountable for meeting customer needs and expectations in a timely, professional manner.
• Maintain high personal accountability; take ownership of issues, develop effective remediation approaches, and drive for results.
• Employ business acumen to develop appropriate solutions and solve problems - understand business risks and business objectives, as well as health care delivery and provider environments.
• Able to translate business needs into information security requirements.
• Ability to communicate technical security risks in a manner that resonates with business leaders.
• Ability to establish and manage a planned set of related activities with a focus on hitting deadlines.
• Stay up to date with industry trends, best practices, and regulatory standards that may impact product implementations.

Essential:

• Extensive experience in Application security architecture.
• Experience working in large and highly regulated organizations and agile environments.
• Experience with practical interpretation and application of policy and standards.
• Subject matter expert knowledge of the technology aspects of security.
• Experience with the implementation of Security within development pipelines and DevOps, with a good understanding of customer-centric design principles and software development.
• Experience with GDPR, HIPAA & PCI frameworks.
• Technical security certification like CISSP, CCSP, CEH, Microsoft Azure, or AWS or equivalent.
• Thorough understanding of Development and Architecture roles such as DevOps, SRE, Solution/Technical Architect, and Senior Developer.
• Working knowledge of secure development practices and standards such as OWASP and MITRE, especially on cloud providers.
• Excellent written and verbal communication skills with Stakeholder management and interpersonal skills at both a technical and non-technical level as well as at various levels of seniority.
• Identifying the need for new, or changes to existing, security patterns for UI, API, and microservices.
• Threat Modelling and dynamic security testing experience, to identify any security risks before live deployment.
• Development experience in .NET and/or Java. Experience with scripting (e.g., Python, PowerShell, Bash). Experience in web application and API development (Typescript, React, HTTP, PHP).
• Demonstrable understanding of cryptography concepts.
• Business analysis experience such as requirements gathering and modelling use cases and scenarios.
• Knowledge of information security concepts and technologies such as IDS, email gateways, desktop security products, SIEM and SOAR platforms, web application firewalls, and vulnerability management tools.

Click Apply now to be considered for the Application Security Architect – London/Remote role