Information Security Architect - REMOTE

Velera

2d•$95,800 - $124,500•Remote

About The Position

Join the People Helping People Velera is the nation’s premier payments credit union service organization (CUSO) and an integrated fintech solutions provider. The company serves more than 4,000 financial institutions throughout North America, operating with velocity to help our clients keep pace with the rapid momentum of change and fuel growth in the new era of financial services. Our purpose: We accelerate partners’ success through innovative financial technology solutions and inspired service. The Opportunity The Information Security Architect is responsible for analyzing and reviewing corporate and client infrastructure to determine suitable, feasible designs that allow the security department to manage risks. The individual will serve as a subject matter expert for network, host and application security product implementations. Incumbent will assist in development and implementation of solutions that meet regulatory and client contractual requirements. Perform vulnerability scans, penetration tests, and firewall, VPN, and wireless audits; manage the intrusion detection systems; and evaluate, recommend, architect and implement new security technologies, processes and methodologies. Incumbent will have a good balance of business and technical knowledge and will be comfortable across all disciplines of information security to include Risk, Compliance, Solutions, and Identity Management. Individual will drive deployment of security technologies and processes, using structured project management methodologies for coordinating cross-functional resources, tracking project milestones, creating supporting documentation and reporting status regularly. Day in the Life Work with other architects to design the high-level roadmap and architecture for security products encompassing trusted computing, systems security, network security, and cryptography targeted to the data center and cloud computing environment and application controls. Assist in the development of security system architecture strategy and architectural specifications for security controls of financial systems with access to sensitive data. Maintain knowledge of the IT security industry including the awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors; design additional security solutions or enhancements to existing security solutions to improve overall enterprise security. Execute projects professionally and on time by managing and delivering the various components that create a security solution; this includes the identification, design and implementation of the various technologies. Maintain awareness of the vulnerability and exploit landscape as relates to cyber security. Maintain and document security baselines for systems within the corporate network. Perform as a technical security advisor for company initiatives during the planning and architectural phases. Support and perform the research and development of new security technologies. Monitor, configure and upgrade the necessary controls and procedures to cost-effectively protect information systems assets from intentional or inadvertent modification, disclosure or destruction. Validate security posture against standards and guidelines such as PCI DSS, SOC 1/2, and ISO 27001; lead enterprise risk assessments. Design enterprise security solutions: security information management, data loss prevention (DLP), governance risk and compliance (GRC), two-factor authentication, encryption, etc. Architect enterprise identity management strategies to include user provisioning, single sign on, federation, and access control. Update existing departmental documentation and create documentation for new processes; develop information security policies, standards and procedures. Lead in the planning and design of enterprise security architecture. Work in a team environment ensuring that departmental SLAs and other time and quality commitment KPIs are met at all times. Direct staff as requested by IT Management to ensure all duties are performed according to departmental performance standards, as assigned. Perform other duties as assigned.

Requirements

Bachelor’s degree in Computer Science related discipline, or equivalent combination of education and experience in information technology required.
Information technology or security certification in at least one of the following required: SAN GIAC, RHCE, CCNA, CISSP, CCSP.
Five (5) years of experience in IT Security with direct hands-on experience with administering Unix/Linux and Windows systems and complex networks and experience in an IT security role with knowledge of overall information security and a broad understanding of the technologies that enable IT security required.
Three (3) years experience in the design and implementation of large-scale, multi-tiered, heterogeneous security infrastructures required.
Experience using a ticketing system to create, track and manage issues
Experience with network design and architecture, penetration testing, monitoring, alerting, and mitigation strategies.

Nice To Haves

Association with security industry groups (ISSA, ISACA, (ISC)2, ASIS) would be a plus.

Responsibilities

Work with other architects to design the high-level roadmap and architecture for security products encompassing trusted computing, systems security, network security, and cryptography targeted to the data center and cloud computing environment and application controls.
Assist in the development of security system architecture strategy and architectural specifications for security controls of financial systems with access to sensitive data.
Maintain knowledge of the IT security industry including the awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors; design additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
Execute projects professionally and on time by managing and delivering the various components that create a security solution; this includes the identification, design and implementation of the various technologies.
Maintain awareness of the vulnerability and exploit landscape as relates to cyber security.
Maintain and document security baselines for systems within the corporate network.
Perform as a technical security advisor for company initiatives during the planning and architectural phases.
Support and perform the research and development of new security technologies.
Monitor, configure and upgrade the necessary controls and procedures to cost-effectively protect information systems assets from intentional or inadvertent modification, disclosure or destruction.
Validate security posture against standards and guidelines such as PCI DSS, SOC 1/2, and ISO 27001; lead enterprise risk assessments.
Design enterprise security solutions: security information management, data loss prevention (DLP), governance risk and compliance (GRC), two-factor authentication, encryption, etc.
Architect enterprise identity management strategies to include user provisioning, single sign on, federation, and access control.
Update existing departmental documentation and create documentation for new processes; develop information security policies, standards and procedures.
Lead in the planning and design of enterprise security architecture.
Work in a team environment ensuring that departmental SLAs and other time and quality commitment KPIs are met at all times.
Direct staff as requested by IT Management to ensure all duties are performed according to departmental performance standards, as assigned.
Perform other duties as assigned.