Primarily responsible for Information Security Architect -
This role will secures enterprise information by determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures; mentoring team members.
Support the development of information technology solutions by leading and evaluating the security components of solution architectures with a focus on cloud. This will include determining security requirements, design specifications, and compliance controls as well validating adherence to security policies, standards, and industry-accepted best practices.
- This role will be responsible for providing deep technical expertise regarding security risks and risk mitigation approaches. Additionally, this role will assist in the creation a unified approach to security to support the rapid evolution and innovation needs of our information technology projects and cloud migration efforts.
Responsibilities:
- Develop security architecture and guiding principles to support information technology initiatives with a focus on cloud
- Drive, influence and coordinate a secure approach to the development of solutions across the enterprise
- Deliver deep technical guidance related to enhancing the security posture information technology solutions
- Participate in the security governance model, establishing policies, standards and best practices
- Proactively address changes in the external threat landscape that have an impact on the use of on premise and cloud computing technologies
- Lead, coach and mentor project teams to incorporate security into enterprise and client-facing applications
- Assist with the integration of security into cloud services delivery standards
- Oversee and drive the design and implementation of security architecture controls in support of compliance requirements
- Develop and deliver communications to management and company-wide stakeholders
- Enhances security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
- Determines security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.
- Plans security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards.
- Maintains security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.
- Upgrades security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements.
- Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
- Enhances department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments.
- Establish procedures, SLAs, on-call availability, operational procedures; taking the processes/people/technology from existing maturity to continuously improving
Qualifications:
- Bachelor's degree in Computer Science or Business Administration, or relevant educational or professional experience
- Maintain an industry-recognized security certification such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified Ethical Hack (CEH), or Certified Cloud Security Professional (CCSP) desired
- Strong knowledge of information security frameworks and various technology solutions part of security stack
- Knowledge of cyber security standards and frameworks such as ISO 27001 or NIST 800-32 desired
Experience:
- Minimum 12+ years of experience in IT infrastructure related field
- Minimum 8+ years of enterprise information security architecture and information security system design.
- At least 1 year experience integrating security into cloud solutions
Competencies:
- In-depth knowledge of and experience in security concepts such as cyber-attacks and techniques, incident management, threat management, etc.
- Experience with Azure and/or Amazon Web Services (AWS) security
- Experience developing cloud security vision, strategy and roadmap
- Solid background in general security practices such as identity and access management (IAM), encryption, and multi-factor authentication, security information and event management (SIEM), and others
- Must be able to quickly and succinctly architect and create technical solution documentation
- Consulting skills (Conflict resolution, analysis/synthesis of information, negotiation, project management, etc.)
- Excellent communication, listening and facilitation skills
- A high level of familiarity with malicious code threats as well as common attack and penetration techniques used by adversaries
- Expert understanding of TCP/IP, networking concepts, and services such as DNS, SMTP, HTTP, HTTPS
- Experience with security technologies such as AV/EDR, IDS/IPS, NGFW, UTM, FIM, SIEM, WAF, DLP solutions
- Ability to consistently apply sound judgment and maturity to build and maintain successful professional partnerships
- Ability to adapt to a hyper-growth pace and changing priorities
- Strong analytical and quantitative skills
- Ability to work independently in a self-directed manner and collaboratively as a team leader or member.
- Strong leadership, communication and interpersonal skills geared to getting things done while continuously developing themselves and the talent within their charge
- Excellent verbal and written communication skills
Didn’t find the job appropriate? Report this Job