Senior Information Security Architect

About The Position

Requirements

• Understanding of information security concepts and domains.
• Experience working with vendors to implement security-related projects.
• Strong understanding of Microsoft Active Directory access rights, user access provisioning, SQL access and Operating System security.
• Understanding and/or experience with the following security technologies, firewalls, web application firewalls, IDS/IPS, e-mail encryption gateways, vulnerability scanning tools, forensics tools.
• Experience with log/packet capturing & decoding of various attack signatures, such as recognizing SQL injections, cross-site scripting attacks, etc..
• Ethernet, TCP/IP, DHCP, DNS, Active Directory and enterprise level backup software.
• Experience with SIEM systems such as SumoLogic or Splunk.
• Experience/understanding of security architecture such as TOGAF, DoDAF, etc.
• Understanding security frameworks such NIST CSF and/or standards like ISO27001, PCI-DSS, etc.
• Experience securing cloud computing environments.
• Open Source Software development process.
• Effective verbal and written communications, including documenting activities, writing reports, and presentation skills for findings and recommendations.
• Clear understanding of the English language (spoken and written) .
• Customer service skills
• Time management skills
• Project planning and execution skills
• Detail-oriented
• Critical thinking, judgment and problem-solving skills
• Ability to actively listen and learn
• Ability to work both independently and with others at all levels
• Ability to respectfully communicate with Supervisors and Co-workers
• Ability to effectively deal with unpleasant, angry or discourteous people
• Minimum of 10 years of applicable security and system administration experience
• Bachelor’s degree in computer science or related technical discipline or equivalent experience

Nice To Haves

• Security Certifications preferred from GIAC, ISC2, CompTIA such as CISSP, SSCP, CCSP, GCIH, CEH, etc.
• Preferred experience in Cloud (Azure), Ai (Copilot), and Infrastructure as Code

Responsibilities

• Researches, designs, plans and advocates for the security architecture for IT systems.
• Develops, reviews, and determines installation security requirements for LANs, WANs, VPNs, firewalls, routers, and related network devices.
• Works with IT stakeholders to define baseline security configuration standards for operating systems, network segmentation, and cloud services.
• Determines security protocols by evaluating business strategies and requirements.
• Responds to and investigates security incidents and provides thorough post-event analysis.
• Reviews system security measures, tracks deficiencies, works with stakeholders to remediate and develops the necessary controls to ensure deficiencies are not reintroduced into the system.
• Conduct regular testing and monitoring of network security.
• Serves as primary resource for security Software Development Life Cycle (SDLC) practices.
• Research and provide technical guidance to IT and Bank Security staff as needed, as well as acts in a mentoring role.
• Monitor and perform security operations tasks to ensure security controls work as expected.
• Track information security related corrective actions and approved exceptions.
• Create and maintain information security documentation, such as policies, procedures, standards.
• Cultivate and maintain good working relationships with stakeholders to ensure continued application of, and compliance to security guidelines.
• Updates job knowledge by tracking and understanding emerging security practices and standards, participating in educational opportunities.