View all jobs

Senior IT Security Architect

REQUIREMENT: Designing and developing security architecture patterns that meet regulatory obligations and data protection requirements as well as align the business and corporate security strategy; Perform security assessments, identify gaps in existing security architecture, and recommend changes or improvements; Assist in developing Disaster Recovery and Business Continuity Plan; identify and prioritize system functions required to promote continuity availability of critical business processes; Direct equipment and software installation and prepare preventative and reactive measures; Research information security standards, conduct systems security and vulnerability analyses and risk assessments; identify integration issues; prepare effort estimates; Define and document how the implementation of a new technology impacts the security posture of the current environment; Determine security requirements by evaluating business strategies and requirements; Define security strategies by specifying intrusion detection methodologies and equipment; Enhance security team accomplishments and competence by planning delivery of solutions, answering technical and procedural questions, teaching improved processes to other Security Architects; Provide input on security requirements to be included in requests for proposal (RFPs), statements of work (SOWs), and other procurement documents; develop security architecture and control templates for different applications and services based on the environments they reside in (e.g., Azure, other cloud service, on-premises, etc.), or the types of data being stored within an application or service; provide support for Security Information and Event Management (SIEM) Request for Proposals (RFP); provide support and guidance for Azure Security Architecture as required; provide support and guidance for Paymod Security Architecture; assist in implementation and integration of the IT Risk Management and Executive Dashboards using published APIs including Qualys and O365; ensure that Qualys, the vulnerability management tool, has coverage of on-premises infrastructure and applications, as well as its cloud-based solutions; define and apply Center for Internet Security (CIS) benchmarks to Qualys for various technologies as they are onboarded; support the Cybersecurity Team with the continued roll-out of Qualys agents on its endpoints, ensuring that all endpoints are sending back accurate asset information to the monitoring solution(s); operate the Security Assessment and Authorization (SA&A) Process; assist in Security Awareness Training initiatives; and develop Standard Operating Procedure (SOP) and Guidance documentation. QUALIFICATIONS: The resource must have: BSc. in Cyber Security, Information Systems, Information Technology, or Computer Science Appropriate Security Certifications, CISSP, Certified Information Security Manager (CISM), Global Information Security Professional (GISP), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA) Certifications in Certified Information Systems Security Professional – Information Systems Security Architecture Professional (CISSP-ISSAP), The Open Group Architecture Framework (TOGAF), or Sherwood Applied Business Security Architecture (SABSA) Previous relevant experience in IT security architecture Certified Information Privacy Professional (CIPP) Azure/O365 Cloud experience Secret Security Clearance
Powered by