The Senior Information Security Architect is responsible for executing strategic security projects, ensuring enterprise security design and architecture best practices are followed, and ensuring that Business and Information Technology projects meet all regulatory and compliance requirements by analyzing, reviewing and testing established security controls.
- Develop, implement, and execute processes to help business stakeholders determine and assess security requirements by evaluating business strategies and requirements, conducting security risk assessments and preparing security architecture/platform requirements.
- Implement security systems by specifying intrusion detection methodologies and equipment, directing equipment and software installation and calibration, preparing preventive and reactive measures, providing technical support and completing documentation.
- Assume lead advisory role in large and complex integrated IT projects, directly interfacing with business owners to ensure understanding and implementation of security best practices and compliance requirements.
- Develop processes and systems that help business stakeholders deploy new projects and IT solutions by testing network and security technologies and developing security guidelines for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, UNIX- and Windows-based servers, and any related security and network devices, adhering to compliance requirements and industry standards.
- Provide on-going analysis of existing security solutions for effectiveness and efficiency and develop strategies to improve and enhance the solutions.
- Maintain expert knowledge of complex industry trends, current security issues and security technologies, and update management on risks and threats that could impact company business or performance.
- Lead and facilitate the evaluation and selection of security technologies, capabilities, and product standards.
- Determine security requirements by evaluating strategies and requirements, researching information security standards, conducting system security and vulnerability analyses and risk assessments, and studying architecture/platform.
- Other duties as assigned
- High School Diploma/GED
- Bachelor’s degree in computer science, information systems or other related field, or combined work and relevant academic experience.
- CISSP Certification
- Some experience may be substituted for some of the above education.
- 12 years IT experience, with 10 years in IT security.
- Proven success architecting security solutions for large enterprises.
- Proven success engaging cross functional teams to deliver large, complex information security solutions.
Knowledge, Skills and Abilities Requirements:
- Strong presentation skills, with the ability to articulate the business case for information security solutions, and to effectively convey complex and detailed technical information in a clear, concise manner.
- Knowledge of compliance standards and industry best practices.
- Knowledge and experience with UNIX, Windows and Network Security.
- Working knowledge of security frameworks such as NIST 800-53, ISO 27002 and SANS Critical Controls.