Security Architect

 Security Architect  (CISSP required)

 

Enterprise Security Solutions & Engineering: Responsible for ensuring security is incorporated in and represented on the strategy, design, implementation, operations and strategic initiatives corporate wide. Lead security and GRC analysis and posture for strategic solutions/devices such as Mobile, WiFi, remote management, data integrity for the Company.

Network Security: Determines network security requirements by evaluating business strategies and requirements; researching information security standards; conducting network security and vulnerability analyses and risk assessments; identifying integration issues; preparing cost estimates. Plans security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards.

Systems/Servers: Architect, design, communicate, and deliver innovative end-to-end Information Security and Compliance Solutions. Engage with leading customers and strategic partners to identify and define solution requirements. Leverage extensive knowledge of industry practices, software solutions, and methodologies to make technical recommendations on complex problem resolution, coupled with an approach that utilizes repeatable, efficient processes and best practices. Provide direct on-site technical leadership as a subject matter expert on high-profile projects. Lead team in driving and delivering customer solutions.

Hosting Security: Determines systems security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; identifying integration issues; preparing cost estimates. Plans security systems by evaluating system security technologies; developing requirements for Linux, Windows & Unix platforms and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards.

Application Security: This role serves as the primary information security interface and knowledge support to assigned development groups and project teams. This person collaborates with business representatives, systems development and other technology groups for establishing business security requirements, functional security requirements, security solution options and implementation plans. The holder of this position will ensure corporate policies and standards relevant to applications are consistent with successful implementation in the corporate environment. Application development and deployment processes maintain compliance to internal and external regulations, security policies, standards, and procedures, including but not limited to PCI, SOX, GLBA.

 Basic Qualifications:

 

• A Bachelor’s degree in Computer Science or a related field, or equivalent experience is required.
• A minimum of 10 years in progressive IT application development experience is required
• Certification as an information Systems Security Professional (CISSP, CISM, CISA) is required.

 

 

 

Additional Qualifications:

 

• Technology & Security Architecture
• Security/Information and Application Protection
• Telecommunications (Data and Voice) Network
• Infrastructure and platforms
• Security Related tools (Network, Software & System)
• Application Development/Support and Maintenance
• All stages of any Application Development Methodology or lifecycle processes
• Recognized Project Management methodologies
• ITIL or similar Service Management methodologies or frameworks
• Authentication, authorization, identity & access management technologies and processes

 

 

 

Working knowledge and experience of relevant standards, regulations, or legislative instruments, including:

 

• ISO 27001 and ISO 27002 standards for Information Security
• PCI DSS (Payment Card Industry Data Security Standard)
• SOX (Sarbanes Oxley)
• GLBA (Graham Leach Bliley Act)

 

 

 

Personal Skills:

 

• Excellent interpersonal, written communication and presentation skills
• Strong business analysis skills
• Able to Learn quickly, absorb and retain information, and apply knowledge when and where relevant
• Self motivated and able to work on own initiative with minimal guidance
• Logical approach to problem solving
• Experience of managing a varied and heavy workload
• Ability to prioritize work appropriately
• Creative and innovative, yet pay close attention to detail
• Desire to see tasks through to completion
• Strong team player.

 

.