Job: IT Security architect

Specific Responsibilities:

  • Expert in IT Security principles and demonstrated experience in designing and implementing security relevant controls
  • Proven experience Strong experience in designing and implementing security controls in private cloud computing and Data Center virtualization using VMware (ESXi,vCenter,vCloud,vRealize, NSX)
  • Responsible for leading, developing, and enforcing compliance with Company Information Security standards and policies across Business & IT projects
  • Perform security design reviews to assess security implications for the introduction of new or differing technologies within the environment – threat modeling; vulnerability assessments
  • Proven experience leading implementation programs for improved network security, including segmentation, perimeter and in-depth monitoring, and active response
  • Provide specific guidance regarding security requirements and mitigations for securing business use cases with defense in-depth strategy
  • Conduct software security assessments including threat modeling, security control reviews and vulnerability assessments
  • Work with application and functional teams across the business to encourage a security mindset throughout software development life cycle from concept to testing and implementation
  • Proven ability to succinctly communicate complicated technical security issues and the risks they pose to R&D programmers, network engineers, system administrators and management
  • Hands-on ability in management, upgrading, patching and troubleshooting issues on security platforms
  • Work closely with server, network, and business teams during incident response events to speed remediation
  • Utilize both manual methods and automated tools to identify and assess web application and network vulnerabilities
  • Address, review and resolve reported user issues associated with security platforms
  • Evaluate / recommend technologies that could improve current systems and ensure that plans for security technologies integrate with technical infrastructure
  • Experience breaking down complex systems and applications to find relevant security risks
  • Significant experience with industry known common vulnerabilities and attack vectors
  • Experience in management and tactical usage of 3rd Party SaaS security solutions
  • Experience with enterprise disaster recovery and business continuity planning
  • Experience in working with external auditors
  • Knowledge of common web application and mobile frameworks
  • Develop, implement and operate a comprehensive Information Security Program designed to enforce technical and organizational measures to protect intellectual property and confidential information of client and its customers as required by the applicable laws, contracts and agreements
  • Conduct security assessments of current and perspective third-party vendors and partners to ensure their compliance with client Information Privacy and Security requirements
  • Ensure that security of all systems, applications and data is actively, consistently and verifiably maintained throughout information technology lifecycle, including design, implementation, operation and disposal
  • Implement a comprehensive set of tools for security monitoring and vulnerability scanning of network, systems and applications
  • Ensure that security incidents, issues, vulnerabilities and defects are tracked, prioritized and resolved within service level objectives established by the Information Security Program and any applicable compliance requirements
  • Work with product owners, business stakeholders, business analysts and engineering teams to review security requirements and approve / modify designs as needed
  • Advise on data security issues, compliance, and privacy requirements including, but not limited to SOC 2, Sarbanes Oxley, SSAE16
  • Take a lead role in conducting security research on threats and remediation techniques/technology, make recommendations and implement them
  • Define and maintain necessary information security hygiene throughout the Agile Software Development Process Knowledge/Skills
  • Extensive knowledge of current and emerging IT security technologies and techniques that cover all levels of IT architecture, including those that affect business processes, data, applications, network and systems infrastructure
  • Deep technical understanding of network, systems, and cloud security
  • Experience with web application security and data protection for java based applications utilizing open source services such as apache foundation web and application servers
  • Understanding of code scanning technologies, services and tools
  • Specific understanding of application and operating system hardening, vulnerability assessments, security auditing, TCP/IP & network fundamentals, intrusion detection systems, firewalls, VPNs, WAFs
  • Working knowledge of and experience in policy and process creation and management
  • You must be experienced with designing and running security solutions with the following tools: vulnerability scanners, forensics software, SIEM, HIDS/NIDS, IPS, malware analysis and protection, content filtering, logical access controls, physical access controls, identity and access management, data loss prevention, content filtering technologies, application firewalls, security incident response techniques
  • Experience with secure network firewall, application firewall, and DDoS prevention technologies

Demonstrated knowledge and hands-on experience or working knowledge in the following areas:

Network segmentation and isolation techniques and strategies |Private Cloud computing and Data Center virtualization using VMware (ESXi,vCenter,vCloud,vRealize, NSX) | VPN | Security Information and Event Management | Identity and Access Management | Multi-Factor Authentication | Encryption methods and technologies (data at rest and in transit) | Public Key Infrastructure | Network (wired and wireless) Security | Intrusion Detection (within and from outside the perimeter) | Data Loss Prevention | Mobile Device Management | Denial of service mitigation strategies and supporting technologies | Patch Management technologies | Content Filtering | Network and Host Firewalls | Privileged Account Management | File Integrity Management | Web Application Firewalls | Cloud Access Security Broker |EndPointSecurity | Network Access Control | Security Scanning – Network, Web Application | Data Classification

Qualifications:

  • Strong hands on experiencein Application, Network, Security Architect
  • 7+ years of technical experience with information security and technology
  • Preferred experience in eDiscovery, SIEM, Code Scanning and IDS/IPS
  • Bachelor’sor higher degree in computer science, information systems, computer engineering, or a related discipline
  • Progressive experience in security centering on developing, architecting, and implementation of enterprise IT security solutions
  • Previous experience with PCI, SSAE16, GLBA and other compliance frameworks
  • Understanding of ITIL, COBIT, ISO27001 and SABSA
  • Preferred certification in one or more of an industry recognized security certification such as CISSP, GSEC, CHE
  • Knowledge of ubiquitous encryption technologies (PGP, SSH, SSL, etc.) and common protocols (RADIUS, LDAP, KERBEROS, SAML, etc.)
  • Working knowledge and experience in compliance/remediation efforts of relevant domestic and international security standards and best practices such as PII, PCI DSS, ISO 27001/2, SSAE 16, SOX and AML
  • Proven ability to design end-to-end network security solutions across large enterprise IT ecosystems

Soft Skills:

  • Ability to quickly troubleshoot complex problems and take appropriate corrective action
  • Works well under pressure situations
  • Ability to work independently on multiple projects and function as a technical team mentor
  • Ability to be on-call for emergency purposes
  • Ability to prioritize tasks, operate in a fast-pace environment and can handle the escalations
  • Strong written and verbal communication skills(documenting concepts, designs, presenting to groups)
  • Must have strong analytical skills in order to solve complex and unusual technical and business situations
  • Must be able to maintain planning and organization across multiple projects
  • Experience working with development teams to build secure solutions
  • Strong teaming, leadership, creativity, influencing, problem solving, and conflict resolution skills required
  • Self-starter, high energy, passionate, healthy sense of urgency, capable of working independently
  • Demonstrates a high level of responsiveness to the customer to enlist trust and build credibility
  • Proven ability to translate business requirements to technology architecture plans
  • Proven experience with application and functional teams across the business to encourage a security mindset throughout software development life cycle from concept to testing and implementation