Application Architect / Information Technology Security Speciali

Description Location: Chicago, IL

Education Required: Bachelors Degree

Experience Required: At least 3 years

Position Description:
Basic Function:
Within IT Professional Services Risk Management Department as a member of the Technical SERVICES Development Team performing as a "hands-on" and VERY technical individual contributor. This position co-leads development of ENTERPRISE APPLICATION SECURITY & CONSULTATIVE/PROFESSIONAL SERVICES for large-scale solutions across our enterprise (including ALL technologies across the enterprise). Designing, implementing, and continuous updating to security consulting process in support of enterprise information security policies & standards. Provides SOLUTIONS to resolve gaps in security; provides architecture and infrastructure guidance for applications, operating systems AND networks. Apply expertise in developing conceptual, logical, and technical security architecture artifacts, knowledge of a VARIETY of hardware AND software security capabilities and features, and an ability to resolve security and non-security requirement conflicts.

Job Requirements:
1)4 years hands-on experience in technical security control architecture, design, information security solution engineering, security service delivery role, SECURITY TECHNOLOGY IMPLEMENTATION (Enterprise Information Security Event Monitoring [SIEM, SEM, SIM], enterprise authentication, cryptography, encryption); 2)4 years experience in security engineering, including security testing and evaluation, requirements, logical and physical architecture design; 3) Knowledge of service-oriented architecture concepts; 4)IN-DEPTH EXPERTISE of Security Event Management [SIEM, SEM, SIM] solutions from the requirements/design to implementation phases of the development; 5)Ability to collaborate with team leads, clients, engineers, and developers to appropriately translate functional needs into technical security requirements; 6)In depth hands-on experience in complex enterprise architectures lock downs; 7)knowledge of the Inner workings and security aspects of variety of Application Servers, Web Servers, Media/Content Servers, Messaging Servers, Database Servers, Integration Servers, etc.; 8) Effective oral and written communication skills; 9)Technical writing, documentation development, process mapping, and visual communication skills;
10) Experience in a wide variety/multiple technologies, including:
+++ Development languages: C, C++, C#, Java, UML, XML, XSLT, applied in Object Oriented (OO) n-tier application development environment;
+++ Application frameworks and their built-in security services & API’s: J2EE, Web Sphere, COM+, .NET, or others;
+++ General application security API’s and protocols: GSS-API, MS CryptoAPI, PAM, Kerberos, DCE Security Service, SSL/TLS, SAML, S/MIME, PKCS API’s, or others;
+++ Application authentication & authorization systems: Netegrity SiteMinder, RSA ClearTrust, Entrust GetAccess, Oblix NetPoint, or others;
+++ Built-in security functions and services of application infrastructure components: Oracle, DB2/UDB, MS IIS, MS BizTalk Server, MS Integration Server, IBM WebSphere, iPlanet Directory, MS Active Directory, SAP R/3, Vitria BusinessWare, IBM MQSeries, MSMQ, MS Exchange, BEA WebLogic, or others;
+++ Embedded Operating Systems security controls including Windows XP, Windows 2003, LINUX, AIX, Solaris, Z/OS, AS/400, and others.

PREFERRED REQUIREMENTS:
1) Advanced degree in Computer Science or Information Systems; 2) Expertise with systems and solutions based on ArcSight line of products or other logging products, 3) Experience in managed healthcare, insurance industry or within financial services industry (Insurance, Banking, Investments); 4)Implementation of SIEM, SIM, SEM, UTM, ENTERPRISE Security Operations Tools, forensic identification, correlation / consolidation / aggregation, Log Management, 4)Manual code review, reverse engineering abilities are highly desirable.

This position is located in Chicago, IL

Requirements .