Principal Architect - Information Security

About The Position

Requirements

• Bachelor’s Degree in Computer Science, Information Technology or any other related discipline or equivalent related experience.
• 12+ years of directly-related or relevant experience, preferably in information security.
• Application Architecture
• Cybersecurity
• Enterprise Architecture
• Information Security Strategy
• Standards (SOX, ISO 27001/27002, COBIT, ITIL, NIST, PCI)
• IT Risk Management
• Network Solutions and Systems
• Information Security Strategy
• Threat Modelling
• Security and Compliance Frameworks (i.e. CCM, NIST 800-53, CIS)
• Microsoft Office Suite
• Programming and Development Languages - JavaScript, HTML/CSS, Python, SQL
• Security Tools - SIEM, EDR, Email Security Gateway, SOAR, Firewall, Anti-virus, Firewalls, VPN IDS/IPS, AV, proxies, etc.

Nice To Haves

• Azure Security Engineer Certification
• Certified Cloud Security Professional (CCSP)
• Certification in Information Security Strategy Management (CISM)
• Certified Information Systems Security Professional (CISSP)
• CompTIA Security + Certification
• Project Management Professional (PMP) Certification
• Systems Security Certified Practitioner (SSCP)
• TS-SCI Security Clearance Certification

Responsibilities

• Leads and oversees the design and implementation of advanced and complex enterprise information security architectures and solutions
• Provides technical leadership to the Information security team consisting of Architects, Analysts, and Engineers
• Reviews security technologies, tools, and services and provides recommendations to IT, business, and project teams ensuring that solutions are in line with the architecture direction and business strategies
• Develops and maintains a security architecture process that enables the enterprise to develop and implement security solutions and capabilities aligned with the business, technology, and threat drivers
• Defines the future state of Information Security Strategy solution architecture
• Executes security engagements during different phases of the lifecycle assessment, design, and implementation
• Works with senior stakeholders to find effective security solutions that work towards improving the overall security posture of the organization by balancing business requirements with cybersecurity needs
• Provides guidance, & coaching to Architects I/II and provides overall technical expertise to the Information security department and business stakeholders
• Develops, matures, and maintains security architecture strategy, principles, models, standards, guidelines, and configurations
• Defines key building blocks for future state architecture and creates a roadmap to realize the same
• Researches, models, and tracks secure system standards, industry trends, market technology, potential threats, tactics, and procedures for ecosystem applicability and reference
• Creates detailed and clear functional technical requirements for the organization’s security operations engagement and interaction, ensuring stakeholders clearly understand how to engage with Information Security Strategy services
• Analyzes root cause for technical issues, and design measures and methods to mitigate future re-occurrences
• Identifies solutions and implements automation of vulnerability scanning and monitoring of the organization’s infrastructure, applications, and network
• Prioritizes architectural needs and solutions with other senior executives and ensures they are in line with, criticality, feasibility, and Information Security Strategy

Benefits

• medical, dental, and vision care
• comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness
• support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave
• variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities