Overview
Position Summary:
The Sr. Information Security Architect is a senior member of the Information Security team with leadership responsibilities to design, implement and enforce information security posture and policies. The Sr. Information Security Architect provides consulting on information security to IT projects and initiatives. The Sr. Information Security architect will also conduct research on information security topics, such as best practices, emerging threats and emerging technology. This position provides leadership and guidance to other members of the Information Security organization. This position provides an excellent opportunity to make key contributions to the Company’s information security program, while demonstrating expertise in incident response, application security, penetration testing and information security architectures and technologies.
Geo-Salary Information
An in-person interview may be required during the hiring process
State specific pay scales for this role are as follows:
$128,136 to $252,194 (NJ, NY, WA, HI, AK, MD, CT, RI, MA)
$116,487 to $229,267 (NV, OR, AZ, CO, WY, TX, ND, MN, MO, IL, WI, FL, GA, MI, OH, VA, PA, DE, VT, NH, ME)
$104,839 to $206,340 (UT, ID, MT, NM, SD, NE, KS, OK, IA, AR, LA, MS, AL, TN, KY, IN, SC, NC, WV)
In CA: Typical hiring range is $171,148.50 to $237,706.25
The expected base salary for this position will vary depending on a number of factors, including relevant experience, skills and location.
Responsibilities
Essential Job Functions:
- The essential function of this position is to be accountable as an information security architect for supporting the information security program within IT and business initiatives.
- Provide Information Security subject matter expertise and security consulting to IT projects and initiatives using information security standards, best practices and approaches, with an emphasis on application security.
- Develop Information Security requirements across the enterprise for data protection, network protection, and application protection and compliance with regulatory requirements for protection of information.
- Conduct threat analysis for systems or applications including analysis of current and known security exposures, planning for remediation of exposures, staged and planned penetration testing, vulnerability assessment and analysis of results.
- Conduct research on best practices, emerging technologies and threats as it relates to Information Security.
- Act as subject matter expert on security related control testing, control remediation and incident response.
- Other functions that may be assigned
Qualifications
Education:
- Bachelor of Science Degree in Information Technology or equivalent professional experience.
Preferred:
- CISSP certification or equivalent is highly desirable.
- SANS certifications or equivalent are desirable.
- CISA or additional security certifications are desirable.
Experience:
- Must have a minimum of 18 - 20 years of work experience in multiple fields of Information Technology with an emphasis on Information Security.
- At least 12 years of this experience should be directly in the Information Security field.
- Leadership experience is a must; management experience is a plus.
Knowledge and Skills:
- Experience in a leadership / Incident Commander role in security Incident Response processes.
- Extensive knowledge of Security Policy, Standards, Guidelines, and Process Development.
- Detailed knowledge of secure architectures and their design.
- Detailed knowledge of web application development (Java, .Net, Secure configurations).
- Working experience and ability to conduct application / system Penetration Testing / OWASP using industry standard tools.
- Working experience collaborating with development teams to understand and remediate application security vulnerabilities.
- Working experience and ability to conduct network vulnerability testing and remediation.
- Working experience and ability to conduct Threat Analysis.
- Strong knowledge of Virus, Worms and Other Malware (Prevention/Detection) and Incident Response.
- Strong knowledge of Encryption / Tokenization / Key Management.
- Strong knowledge of access control technologies.
- Working knowledge of Intrusion Detection, Firewall Monitoring, System Monitoring.
- Excellent knowledge of Operating systems and platforms (UNIX, Windows, Virtualization, Secure configurations).
- Working knowledge of network security (Routing, switching, TCP/IP, DNS, Architecture, WLAN).
- Working knowledge of state privacy laws and the PCI DSS.
- Ability to work with all levels of personnel within the IT department and departments external to IT, in a dynamic and challenging environment.
- Must consistently maintain a professional demeanor/attitude with all levels of management, employees, customers, and vendors to accomplish organizational goals; take action that respects the needs and contributions of others; take responsibility for actively participating and contributing to team efforts; acts as team facilitator when appropriate.
- Ability to communicate complicated concepts to both management and technical staff and thrive in a cross-functional matrix environment.
- Must be self-motivated and capable of working with minimal supervision and/or direction, and proactively manages their own workload.
- Must be accountable and take direction from supervisor, follow work rules, and keep required work schedules, which include regular and predictable job attendance.
- Well-balanced interpersonal skills are required.
Perks and Benefits
We offer many great benefits, including:
- Competitive compensation
- Flexibility to work from anywhere in the United States for most positions
- Paid time off (vacation time, sick time, 9 paid Company holidays, volunteer hours)
- Incentive bonus programs (potential for holiday bonus, referral bonus, and performance-based bonus)
- Medical, dental, vision, life, and pet insurance
- 401 (k) retirement savings plan with company match
- Engaging work environment
- Promotional opportunities
- Education assistance
- Professional and personal development opportunities
- Company recognition program
- Health and wellbeing resources, including free mental wellbeing therapy/coaching sessions, child and eldercare resources, and more
Pay RangeUSD $128,136.00 - USD $252,194.00 /Yr.