QVC - Security Application Architect

advertisement
QVC
*Position Title:
*Position Type:
*Compensation:
*Start Date:
*Location:
Security Application Architect
Full-Time
Salaried - Competitive
Immediate Hire
West Chester, PA
*Job Requirements
*Job Description
QVC is one of the world’s leading multimedia retailers, reaching millions of customers
around the globe each day on-air, on-line, and through mobile. Information security is a
priority for QVC. To advance the global security program, QVC is seeking a Security
Applications Architect that will guide the application development teams in designing
secure applications which will adequately support the business requirements of the
organization. This position is based outside of Philadelphia at QVC Founders Park
location in West Chester, PA.
As QVC continues to mature the global information security program, we recognize the
value of a formal information security architecture process as one of the key enablers of
such a program. It is the planning process that provides the models, templates and
principles that are used to design, implement and operate information security solutions.
It enables consistency, leverage and reuse to satisfy the business requirements for
security services in an optimum manner. The role of the Security Application Architect
demands business insight; technical acuity; and the ability to think, communicate and
write at various levels of abstraction.












Works closely with IT architects, other functional area architects and security
specialists to ensure adequate security solutions are in place throughout all
applications and database repositories to mitigate identified risks sufficiently, and
to meet business objectives and regulatory requirements.
Assists in developing the business, information and technical artifacts that
constitute the enterprise information security architecture and solutions.
Conduct risk assessments of new development efforts as well as externally
purchased applications and web services
Serves as a security expert in application development efforts, helping project
teams comply with enterprise and IT security policies, industry regulations, and
best practices.
Contributes to the alignment of security governance with IT architecture
governance and project and portfolio management (PMO).
Researches, designs and advocates new technologies, methodologies,
architectures, and security products that will support security requirements for the
enterprise and its customers, business partners and vendors.
Contributes to the development and maintenance of the information security
strategy.
Evaluates and advocates use of the approved SDLC processes to secure
application solutions. Assists in analyzing business impact and exposure, based
on emerging security threats, vulnerabilities and risks for application systems.
Supports communication of application security risks and solutions to business
partners and IT staff.
This is an expert/technical role. It defines the information security application
architecture and design for the enterprise.
This person works on multiple projects as the subject matter expert.
The role is involved in projects or issues of high complexity that require in-depth
knowledge across multiple application platforms and business segments.
ISACA Philadelphia is not responsible for the content or accuracy of this job posting.
Template Version 1.1: 02/21/07
Page 1 of 2
* Skills &
Qualifications:
Education:
Certification(s):
Travel:
Requirements:
 A bachelor's or master's degree in computer science, information systems or
other related field; or equivalent work experience.
 Knowledge of a relevant enterprise architecture methodology (for example, the
Zachman Framework or TOGAF).
 Seven to 10 years of combined IT and security work experience in application
development, with a broad exposure to application and multiplatform
environments.
 Expert knowledge of security issues, techniques and implications across all
existing computer platforms.
 Strong conceptual thinking and communication skills — the ability to
conceptualize complex business and technical requirements into comprehensible
models and templates.
 Ability to work well under minimal supervision.
 Team-oriented interpersonal skills, with the ability to interface effectively with a
broad range of people and roles, including vendors, IT and business personnel.
 Demonstrable written and verbal communication skills.
 Experience in using an enterprise architecture methodology (for example,
Zachman, TOGAF and Gartner frameworks).
 Knowledge of a security-specific architecture methodology (for example,
SABSA).
 Proven ability in application security process and organizational design.
Preferred Requirements:
 Industry Standard Security certifications including: SANS, GIAC, CEH, CISA,
CISSP, and CSSLP.
 Industry Standards IT certifications including MCSE, RHCE, CCIE, and PMP
 Experience programming in C or Java.
 A bachelor's or master's degree in computer science, information systems or
other related field; or equivalent work experience.
Desired:
 Industry Standard Security certifications including: SANS, GIAC, CEH, CISA,
CISSP, and CSSLP.
 Industry Standards IT certifications including MCSE, RHCE, CCIE, and PMP
Minimal
*Contact Information
Job Reference:
*Contact Name:
Email Address:
Telephone:
Fax:
Website:
Company
Information:
Special
Instructions:
R17611
Lorna Bissinger
Lorna.Bissinger@qvc.com
www.qvc.com/careers
QVC, Inc., a wholly owned subsidiary of Liberty Interactive Corporation (NASDAQ:
QVCA, QVCB), is the world’s leading video and ecommerce retailer. QVC is committed to
providing its customers with thousands of the most innovative and contemporary beauty,
fashion, jewelry and home products. Its programming is distributed to approximately 300
million homes worldwide through operations in the U.S., Japan, Germany, United
Kingdom, Italy and a joint venture in China. Based in West Chester, Pa. and founded in
1986, QVC has evolved from a TV shopping company to a leading ecommerce and
mobile commerce retailer. The company’s website, QVC.com, is ranked among the top
general merchant Internet sites.
For more information, visit our website at www.qvc.com/careers (Job ID R17611).
Applications may be submitted on-line or via e-mail to lorna.bissinger@qvc.com.
ISACA Philadelphia is not responsible for the content or accuracy of this job posting.
Template Version 1.1: 02/21/07
Page 2 of 2
Download