Develop, maintain and promote a baseline security testing framework
Perform code review and security feature and design review
Manage the enterprise application security program, which includes both a centralized and a decentralized model for application testing, code scanning, issue tracking, issue remediation, key metrics, etc.
Develop, maintain and report on key application security metrics
Prepare a risk report for each Threat Modeling assessment, listing the attack surface, threats and flaws, and providing remediation guidance
Perform Security Architecture Risk Analysis (SARA) / Security Design Reviews (SDR) of applications and assess their designs against known and emerging threats
Knowledge of network security architecture concepts, including topology, protocols, components, and principles