Skip Navigation
Find a job
at TD Ameritrade.

Find a job at TD Ameritrade.

Lead Application Security Architect

Quick Facts

Chicago, Illinois, Baltimore, Maryland, Jersey City, New Jersey, Ann Arbor, Michigan, Omaha, Nebraska, St Louis, Missouri ID# 2018-21828 Regular Full-Time Senior Level Professional

Role:

To all recruitment agencies: TD Ameritrade does not accept agency resumes. Please do not forward resumes to our job alias, TD Ameritrade employees or any other company location. TD Ameritrade is not responsible for any fees related to unsolicited resumes.

 

The TDA Security Risk Management (SRM) Group, under the leadership of the Chief Information Security Officer (CISO), is tasked to protect information assets in support of TDA business objectives and in conformity with TDA policies. The Software Security Assurance Team is a core function of SRM and is primarily responsible for establishing and guiding the Secure Software Development Program within TD Ameritrade.
These activities include leading the creation and rollout of software security policies and best practices, software security architecture, software security scanning, penetration testing and the education of TDA software developers and testers in security best practices. The Sr. Consultant Software Security Engineer is a highly skilled expert in the control and protection of software to minimizes defects and vulnerabilities in software production.

 

Well qualified candidates for this position will demonstrate the following key traits:
1. Experience in leading the creation and adoption of enterprise software security standards and controls
2. Partner, guide and inspire development teams to address security concerns
3. Holds self and others to a high standard and takes initiative to define and drive winning solutions
4. Financial Services background; knowledge of trading platform process and technologies

 

Well qualified candidates will also demonstrate expertise in the following technical areas:
1. Application engineering strategy and architecture design and experience in software development
2. Extensive knowledge of Java-based application architectures and frameworks (such as Spring) and technologies spanning web, API , micro-services, SPAs and mobile.
3. Expert knowledge in application vulnerability types, attack vectors and remediation approaches
4. Industry best practices for secure software development as well as web and mobile application security
5. Working knowledge of authentication, authorization, access control technologies and protocols.
6. Knowledge of with SaaS/PaaS/IaaS security models, access management, and data protection technology
7. Expert understanding of the IP protocols and associated security mechanisms: TCP/IP, HTTP, SSL/TLS, PKI
8. Familiarity with well-known application security sources and standards such as OWASP, WASC and NIST

 

Responsibilities:

• Ability to positively influence the behavior of peers and build relationships with other teams without direct authority over those teams
• Assess current practices and identify and implement relevant policies to ensure state of the art development practices as they relate to security
• Mentor and help develop qualified SRM staff; enterprise and domain architects and senior developers
• Frequently consulted and sought after by senior architects and technology leaders. Considered a top expert in software security
• Determines the selection of Software Security Assurance (SSA) program elements including supporting tools
• Lead the Software “Design for Security” initiative at TD Ameritrade
• Uses extensive knowledge in software development and our software applications to identify key software security risks and solutions
• Ensure security of software produced or procured by TDA to prevent loss, inaccuracy, alteration, unavailability, or misuse of data
• Establish security requirements for the software development and/or operations and maintenance (O&M) processes
• Identify the opportunities for changes to software security design patterns and reference architecture
• Oversees the mentoring and training of application developers and QA staff in application security best practices and secure coding
• Perform software focused attack surface reviews for more complicated systems, for example authentication systems, API’s
• Engage with application teams during design phase to ensure that security is baked into the application design of more complex systems
• Develop application specific threat models to identify security design flaws and provide guidance on application specific risks and controls. (highly complex)
• Identify security vulnerabilities as a result of security bugs, coding errors, omissions, and defects
• Introduce new technologies for scanning vulnerabilities and work with application developers to ensure they are integrated and used consistently
• Identify and categorize information to be contained in or used by TDA software which help determine risk and/or control solutions including application security frameworks
• Develop and improve enterprise standards for software security
• Design and implement software security controls and verify that software design correctly implements security requirements for the most complex cases
• Establish a configuration management and corrective action process to provide security for existing software and ensure that any proposed changes do not inadvertently create security violations or vulnerabilities

 

Requirements:

• Bachelor’s degree in a related field and/or a minimum of 10 years of equivalent experience
• 7+ years of enterprise software development experience. Java programming skills including knowledge of JSSE and other security features is preferred. Experience with NET/ASP/C# also a plus
• Development experience with strong Java programming skills including knowledge of JSSE and other security features. Working knowledge of Java development environment including tools and framework used by developers, develops and testers (e.g. Eclipse, Spring, Jenkins, Maven, Jira, Selenium)
• Experience with Mobile security, API security, authentication and authorization
• Experience performing software security architecture, design and requirements analysis for large-scale enterprise systems
• Solid understanding of a variety of software security practices, secure code reviews, vulnerability scanning methods, threat modeling, security requirements analysis and architectural risk analysis
• Expert knowledge in application vulnerability types, attack vectors and remediation approaches
• Expert understanding of the IP protocols and associated security mechanisms: TCP/IP, HTTP, SSL/TLS, PKI.
• Familiarity with well-known application security sources and standards such as OWASP, WASC, NIST and CVE
• Extensive applied knowledge with static and dynamic analysis tools and hacking tools
• Experience leading enterprise deployment of application security tools, services and controls

Taher - JAVA Developer

Advanced Technology – Ann Arbor

Christa - Site Support

UX Video

Sign Up for Job Alerts

Interested InSelect a job category from the list of options. Search for a location and select one from the list of suggestions. Finally, click “Add” to create your job alert.

  • Finance and Accounting, Chicago, Illinois, United StatesRemove
  • Finance and Accounting, Baltimore, Maryland, United StatesRemove
  • Finance and Accounting, Jersey City, New Jersey, United StatesRemove
  • Finance and Accounting, Ann Arbor, Michigan, United StatesRemove
  • Finance and Accounting, Omaha, Nebraska, United StatesRemove
  • Finance and Accounting, St Louis, Missouri, United StatesRemove
  • Information Technology, Chicago, Illinois, United StatesRemove
  • Information Technology, Baltimore, Maryland, United StatesRemove
  • Information Technology, Jersey City, New Jersey, United StatesRemove
  • Information Technology, Ann Arbor, Michigan, United StatesRemove
  • Information Technology, Omaha, Nebraska, United StatesRemove
  • Information Technology, St Louis, Missouri, United StatesRemove

Your Saved Jobs

You have not saved any jobs.

About TD Ameritrade.

A leader in brokerage and investment services for over 35 years, TD Ameritrade offers a full spectrum of powerful solutions and innovative tools for trading and investing. We're constantly expanding our knowledge and bolstering our capabilities, from a leading active trader program to intuitive long-term investment solutions and a national branch system. Combined with some of the industry's brightest minds, there's no limit to how big our accomplishments can be.

From first-time investors to sophisticated traders, TD Ameritrade is focused on helping individuals seek out their financial goals. And you're the ambassador to all that we do. Beginning with our trading platform and proprietary technology to our resolve to outperform, you'll maintain the high level of quality and integrity we're known for, each and every day. With the right opportunity, there's no limit to what you can accomplish.

As a leading employer in financial services, we believe in building strong relationships, achieving quality results and working with integrity. It's at the heart of everything we do. That's why we provide you with comprehensive training, benefits and programs that inspire you to achieve more every day. Apply to a TD Ameritrade job today and help our clients pursue their dreams, while you fulfill yours.

Applicants must be eligible to work in the U.S. Immigration sponsorship is typically not available for this position.

TD Ameritrade participates in the E-Verify program. For additional information on this program please click here. TD Ameritrade is an Equal Opportunity Employer. We value diversity and offer a quality workplace. TD Ameritrade, Inc. member FINRA/SIPC/NFA is a subsidiary of TD Ameritrade Holding Corporation (NASDAQ:AMTD). TD Ameritrade is a trademark jointly owned by TD Ameritrade IP Company and the Toronto-Dominion Bank.

© 2019 TD Ameritrade IP Company, Inc.

Read More

About Finance and Accounting Jobs

TD Ameritrade has been a leader in brokerage and investment services for over 40 years and offers a full spectrum of powerful solutions and innovative tools for trading and investing. We’re constantly expanding our knowledge and bolstering our capabilities, from a leading active trader program to intuitive long-term investment solutions and a national branch system. And in order to continue achieving, we need the best professionals to join us with a Finance job.< br > At TD Ameritrade we understand that one of the biggest investments we make as a Company is in our people. And that’s why we are committed to a successful, client-focused business model, training programs and advancement paths and an outstanding work environment where you can grow your career.< br > Learn more about Finance jobs with TD Ameritrade today.

All about growth.

By virtue of what we do, our world is filled with numbers. Here are just a few that we believe best describe TD Ameritrade at its finest.

  • 10,000 Full-time
    Employees

    Graphic 2 people
  • 350+Branches
    in 49 States

    Graphic 2 people
  • 18,380 Hours Volunteered to
    Community Programs in 2017

    Graphic 2 people