Security Architect

  •  

Boston, MA

8 - 10 years

Posted 223 days ago

  by    Cynet Sytems

This job is no longer available.

We are looking for Security Architect for our client in Boston, MA

Job Title: Security Architect

Job Location: Boston, MA

Job Type: Contract ? 12 Months / Contract to Hire / Direct Hire

?US citizens and those authorized to work in the US are encouraged to apply. We are unable to sponsor H1b candidates at this time.?

Job Description:

  • Provide oversight, guidance and prioritization to the sub team in systems requirements planning, systems securityarchitecture, and continuous monitoring. 
  • Support the Chief Information Security Office in security program management and security human capital management. Liaise with IT partners to establish and maintain daily working relationship.

Job Duties:

  • Security Program Management
  • Perform necessary due diligence activities to determine third-party vendor adherence with IT compliance requirements.
  • Serve as InfoSec Lead for initial detection, analysis, and investigation of securityevents to determine likelihood of compromise and respond according to Executive Information Security Incident Response processes.
  • Advise the CISO by identifying critical security issues; recommending risk-reduction solutions.
  • Communicate with customers to determine when InfoSec support is needed.
  • Integrate and share information with other analysts and other teams.
  • Security Human Capital Management
  • Manage, mentor and implement professional development plans for direct reports, working closely with Human Resources.
  • Assist in the management of a workforce by ensuring the fair and consistent application and strict adherence to the rules, regulations, collective bargaining agreements (if applicable) and policies of the Authority including the EEO, Anti-Discrimination and Anti-Harassment and Anti-Retaliation policies.
  • Systems Requirements Planning
  • Design and document securityarchitecture guidelines and requirements.
  • Maintain a current understanding of technology trends to participate in evaluation of potential technology improvements or shifts.
  • Systems SecurityArchitecture
  • Lead the development and improvement of architectural and security designs.
  • Serve as a subject matter expert to executive leadership on a range of cybersecurity best practices, architectures, solutions and technologies.
  • Provide cybersecurityarchitecture services to business partners to ensure the secure delivery of all technology.
  • Ensure architectures, technologies and solutions align with and integrate regulatory requirements and industry best practices.
  • Provide strategic and tactical cybersecurity guidance for technology projects.
  • Attend Change Advisory Board and Architecture Review Board Meetings.
  • Continuous Monitoring
  • Analyze the effectiveness of IT control activities and report on them, with actionable recommendations, to the CIO, the CISO and IT managers.
  • Develop applications scanning and monitoring capabilities.
  • General
  • Respond to each inquiry, whether from a customer, vendor or co-worker in a timely, courteous and professional manner.
  • Stay abreast of information security issues and regulatory changes affecting transportation at the state and national level.
  • Perform special projects and other duties as assigned.

Job Qualifications:

  • Bachelor?s degree in related technical or engineering field or supplemental professional experience. Relevant experience can be substituted for degree.
  • 7+ years?experience in an IT environment, with experience leading information assurance and securityarchitecture teams, and managing and providing technical leadership for complex enterprise security projects.
  • Deep understanding of vulnerability assessment and validation processes.
  • Ability to analyze and determine the applicability of data, to draw conclusions and make appropriate recommendations.
  • Ability to assemble items of information in accordance with established procedures.
  • Ability to determine proper format and procedure for assembling items of information.
  • Additional IT experience as a programmer, system administrator or network engineer preferred.
  • Demonstrated ability to perform a risk-based approach to securing applications, databases, or infrastructure.
  • Demonstrated process orientation? the ability to build repeatable and reusable processes.
  • Excellent verbal and written communication skills.
  • Knowledge of the principles, practices and techniques of supervision.
  • Knowledge of the laws, rules, regulations, policies, procedures, specifications, standards and guidelines governing assigned unit activities.
  • Knowledge of SIEM technology (QRadar preferred).
  • Knowledge of NAC technology (Forescout preferred).
  • Knowledge of or experience with securityarchitecture framework.
  • Knowledge on threatlandscape, securitythreat and vulnerability management, as well as security monitoring and analytics.
  • Knowledge in compliance frameworks and requirements such as PCI, HIPAA, SOX, etc.
  • License and/or Certification Requirements:
  • GSLC, CRISC, SSCP, CISSP, CISSP-ISSAP, CISSP-ISSEP, CEH, CompTIA Security + or equivalent certification preferred.