Information Security Architect

5 - 7 years experience  •  Insurance

Salary depends on experience
Posted on 10/02/17
5 - 7 years experience
Insurance
Salary depends on experience
Posted on 10/02/17

Job Duties and Responsibilities

  • Promotes security awareness and continued support by enabling business processes to occur in a secure manner.

     

  • Provides advanced architecture and engineering support to integrate security and compliance requirements into all enterprise information systems and projects as part of the SDLC process by working closely with various other company architects.

     

  • Acts as a liaison for management and various IT departments on the delivery of security services within Grinnell Mutual.

     

  • Creates and maintains standards surrounding documentation related to security processes, procedure and infrastructure.

     

  • Assesses current applications and architecture to ensure current implementations align with industry guidelines, best practices and management approved standards.

     

  • Develops plans for remediating any findings discovered in assessments and audits.

     

  • Evaluates new products and technologies for security best practices and perform securitythreat and architecture reviews prior to purchase approval. Stays abreast of emerging issues and threats as well as technology to counter.

     

  • Architects plans for implementing management’s directives in most secure manners with least disruption.

     

  • Assists various IT departments with design, implementation and troubleshooting of securitytechnologies.

     

  • Performs web and network penetration tests to further ensure the implementation of technologies best matches management’s intent.

     

  • Collaborates with peers in other areas of the company to continually improve upon security throughout the organization.

     

  • Participates in the secure engineering process and works with enterprise security tools to manage the securityrisks posed to enterprise systems.

     

  • Provides engineering support to integrate security and compliance requirements into all enterprise information systems and projects as part of the SDLC process by working closely with various IT areas

     

  • Performs all other duties as assigned.

     

 

Knowledge, Skills, and Abilities:

 

  • Bachelor’s degree from an accredited college or university in Information Technology or Information Security, six years of dedicated information securityexperience, and seven years of information technology administration experience or equivalent combination of work and educational experiences. Advanced degree in relevant field of study such as Business Administration, Information Security, IT, or related field preferred.

     

  • Intermediate to advanced knowledge of securitytechnologies and concepts.

     

  • Demonstrated experience installing and managing firewalls, web application firewalls, routers, switches and load balancers.

     

  • Demonstrated experience with enterprise ready technologies at a global scale like Windows, Unix, Cisco, and Palo Alto.

     

  • Advanced experience with big data, cloud, and major virtualization technologies.

     

  • Experience with, and knowledge of, regulatory and industry frameworks and standards (i.e. 20 critical controls, CIS, PCI-DSS, ISO 27000, NIST 800, HIPPA, etc.).

  • Proven knowledge of technologies (MCSE, MCSA, GCUX, GCWN, CCIE, CCNP, F5, etc.).

     

  • Proven knowledge of security (CISSP, CISA, CISM, GPEN, GWAPT, GCIH, other GIAC certifications, OSCP, CEH, Check Point, PCNSE, etc.)

     

  • Intermediate to advanced understanding of Web and network penetration tools and techniques.

     

  • Demonstrated ability to analyze and solve problems.  Must be able to measure risks and identify strategies based on a broad range of internal and external factors to make decisions resulting in the best business outcome. 

     

  • Possesses sound analytical and critical thinking skills.  Security solutions may be complex in nature.  Must have ability to think creatively and incorporate current technical solutions into outcome with end user in mind. 

     

  • Excellent verbal and written communication skills with the ability to formulate and communicate highly technical and complex security concepts to both technical and non-technical audiences in a clear and effective manner. Ensures understanding and builds relationships.

     

  • Ability to work well independently or with teams.

 

  • Proven ability to build, facilitate, and engage a community of contributors around Information Security.

     

  • Proven ability to influence key stakeholders and decision makers.

     

  • Guidewire experiencepreferred.

     

  • Must demonstrate high level of confidentiality.

Not the right job?
Join Ladders to find it.
With a free Ladders account, you can find the best jobs for you and be found by over 20,0000 recruiters.