$100K — $150K *
What’s the job?
The Security Architect (SA) is responsible for developing security architecture strategies and roadmaps. The SA is also responsible to architect enterprise security and business solutions that meet security and compliance mandates with other architects of the Enterprise Architecture team, ensuring the overall IT solutions integrates with various operational security systems to facilitate defense in depth, cyber hygiene, security monitoring, security incident response and minimize breach impact. The SSA partners with stakeholders across the organization to securely achieve the functional requirements of business initiatives. The SA will consult on risk decisions made by security risk personnel.
What you’ll get to do:
• Maintain strategic security architecture vision, including reference architectures and frameworks that are aligned with overall business strategy
• Participate in enterprise & solution architecture design; contribute to security efforts assisting with the integration and initial implementation of solutions
• Understand current as well as emerging security threats and design security architecture to mitigate threats where possible
• Contribute to secure systems and application development and system integration methodologies
• Responsible for assessing and auditing network controls and security zoning.
• Responsible for recommendations that increase cost effectiveness and systems flexibility utilizing knowledge of current or emerging technologies and threats as they pertain to Coast systems development efforts.
• Provide technical expertise in the area of Information Security including guidance, mentoring and skills development.
• Maintain advanced knowledge of regulatory, industry, security and privacy standards. Makes recommendations to security policy, directives and guides to ensure CCS security program evolve to new standards.
• Responsible to assess, recommend, and design for security products and services, such as anti-virus, firewalls, DLP, SIEM, Web Security Gateways, and email SPAM.
• Responsible for risk assessing and identifying control strengths/weaknesses and opportunities for improvement of current/proposed infrastructures.
• Responsible for security and compliance audits, internal/external penetration analysis, and vulnerability research.
• Review existing architecture, identify design gaps and recommend security enhancements
• Stay abreast of new security technologies and integrate into security architecture design when appropriate
• Serve as Information Security subject matter expert; provide advisory and consulting services as needed
• Serve as a security expert in application development, database design, network, and/or platform (operating systems) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices.
• Contributes to the development and maintenance of information security strategy and architecture.
• Design solutions for foundational security services to be consumed by enterprise information systems
• Work with various IT teams to determine and provide direction in the planning and implementation of defenses on systems, infrastructure, operations and facilities
• Review the implementation and operation of security systems and their corresponding or associated software to ensure they operate as designed
Who are we looking for?
• Minimum 7 – 9 Years of Job Related Experience
• 7-9 years of relevant experience in IT, minimum of 5 years’ experience building high level security architecture strategies and roadmaps Experienced and proficient at assessing and auditing network controls and security zoning; risk assessing and identifying control strengths/weaknesses and opportunities for improvement of current/proposed infrastructures. One or more of Industry security certifications such as SABSA/TOGAF, CISSP, CISM, CGEIT, CISA required * One or more of relevant SANS and/or technical vendor/industry certification preferred.
• Bachelor's Degree or a diploma requiring 3 - 4 years of full-time study.
• Bachelor’s degree in a related field required One or more Industry security certifications such as CISSP, ISSAP, ISSMP, CISM, CGEIT, CRISC, CISA required and one or more relevant SANS and/or technical vendor/industry certification required.
• Advanced understanding of Enterprise Architecture practices and frameworks (SABSA, TOGAF, Zachman)
• Advanced hands-on proficiency with Microsoft enterprise level products and Unix/Linux based environments and technologies
• Advanced to expert working knowledge in the application of ISO 27001/2 other security compliance certifications.
• Proficient to advanced knowledge of legislation and regulations affecting information security and the financial industry and other industry best practices
• Solid knowledge and hands-on experience of web technologies like Application Servers, J2EE, ESB, web services, HTTPS, SOAP, Java Script framework, Sql/NoSql Database.
• Solid knowledge and hands-on experience on application integration patterns and techniques, Experience web services/API design.
• Excellent organizational skills and the ability to manage priorities judiciously
• Well-developed interpersonal, written and oral communication skills
• Ability to present ideas in business-friendly and user-friendly language.
• Exceptionally self-motivated and directed.
• Superior analytical, evaluative, and problem-solving abilities with a keen attention to detail
• Exceptional service orientation.
• Ability to be successful in a team-oriented, collaborative environment
• Ability to research, recommend and implement industry best practices
At Coast Capital, we value diversity, equity and inclusion. We’re not all the same and we like it that way. We don’t just accept differences - we celebrate, support, and we thrive on them for the benefit of our employees, our members, and our community. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. We believe, the more inclusive we are, the better our work will be
Valid through: 1/25/2021