Information Security Architect

About The Position

Requirements

• Bachelor’s degree in Information Systems, Computer Science, Information Security, or Engineering, or relevant experience and/or education as determined by the company in lieu of bachelor's degree
• 5 - 7 years' experience architecting solutions
• 5 - 7 years' experience in Information Security
• Experience communicating with business partners
• Business communication skills, both written and verbal and able to solve unconventional problems
• Understanding of the TCP/IP protocol stack, application protocols such as SNMP, SMTP, DNS, and DHCP; IPSec and SSL VPNs; SSL/TLS protocol knowledge
• Understanding of the information technology and information security industries, their current developments, trends, issues, and fundamental concepts
• In-depth expertise in analyzing a wide spectrum of technical systems and services robustness and needs, and making practical recommendations to address them
• Detailed knowledge of web, mobile, and client application security vulnerabilities, attack methods, and countermeasures
• Experience with common information security management frameworks, such as HITRUST, ISO 27001, CobiT, ITIL
• Knowledge of ubiquitous encryption technologies (PGP, SSH, SSL, etc.) and common protocols (RADIUS, LDAP, KERBEROS, SAML, etc.)
• Participate in evaluations and recommend solutions to support enterprises security controls including: networking, firewalls, IDS/IPS, data loss prevention, application security, infrastructure security, and data security

Nice To Haves

• Master’s degree in Computer Science, Information Security or related field
• 7 - 10 years' experience architecting solutions
• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA), etc.

Responsibilities

• Enhance security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
• Determine security requirements by evaluating business strategies and requirements; conducting system security and vulnerability analyses and risk assessments; identifying integration issues; preparing cost estimates.
• Plan security systems by evaluating network and security technologies.
• Implement security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures.
• Enhance department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments.
• May begin to provide leadership and mentoring in the areas of expertise and architecture to peers, developers, management and business users including technical expertise, coaching, and ad-hoc training.
• Support assurance compliance to required standards, procedures, guidelines and processes.
• Other duties as assigned or requested.