The Director, Security Architecture, will become an integral part of an Information Security Department and plays a vital role in protecting and advancing our global security posture. He/She will oversee all aspects of the organization’s operational security. As part of the Information Technology Department, the Director collaborates with a multi-disciplinary teams of technology professionals to secure the firm’s internal and external information and technology infrastructures, including the on-going maintenance and management of hardware and software that powers the firm’s internal / external security platform, analyzing reports, monitoring security logs, documenting security incidents and acting primary resources for conducting externally commissioned audits. The position will also play a key role in assisting with completing external RFP for clients as it related to our security posture.
Essential Job Functions
- Appropriately and practically defend the information enterprise in accordance with established policies, procedures, guidelines and practices.
- Representative to various business projects regarding the management of Information SecurityRisk.
- Partnership with the General Counsel’s office to provide advice on contract terms that involve aspect of information security.
- Technical owner of the vulnerability management solution, including all strategic direction, integration and output.
- Technical member of the Internal Security Committee.
- Implement and manage intrusion detection and prevention platforms, including device management and access control systems.
- Create and establish baseline securityreporting for peers and management.
- Actively monitor our systems for anomalous behavior, appropriately report, document and remediate the situation.
- Implement and manage new systems for weblog and activity reporting.
- Manage anti-virus platform / end point protection services.
- Assist in refining and documenting internal incident response protocols.
- Generate documentation relevant to information security solutions.
- Actively participate in information security reviews and audits with external clients.
- Work collaboratively with IT Engineering, Development, Client Services and Security Science teams to create best of breed solutions.
- Synthesize publicly available information, industry threats and position us to effectively respond to emerging threats and zero day malware.
The ideal candidate would have 10+ years in progressively sophisticated roles in information securityengineering and/ or IT technical project management. The position requires a strong, diverse technical background and truly exceptional oral and written communications skills. The candidate must demonstrate proven success in working in a team as well as independently and exhibit follow-through to understand root causes of issues. This position calls for an individual who exhibits thoughtful introspection but is also able to assess a broad spectrum of issues. A collaborative approach is a must, as well as the ability to effectively communicate with a wide range of technical and non-technical personnel. Finally, personal flexibility and the ability to travel globally is required.
This leadership position requires handling multiple engagements with overlapping deadlines. A demonstrated ability to write clear, coherent and precise reports on a multiplicity of complex technical issues is essential.
- 10+ years of IT securityengineering with an emphasis on securityinfrastructure.
- Excellent written and verbal communication skills.
- IT security certifications (CISA, CISM, CISSP).
Bachelor’s Degree in computer science or information technology. Master’s degree in information/computer science or a technology-related field preferred.