Information Security And Technology Architect

Responsibilities:

• Enhances security team accomplishments and competence by planning delivery of solutions, answering technical and procedural questions, and providing technical guidance.
• Secures enterprise information by determining security requirements; planning, implementing, and testing security systems; and preparing security standards, policies, and procedures.
• Determines technical and security requirements by evaluating business strategies and requirements, researching information security standards, conducting system security and vulnerability analyses and risk assessments, studying architecture/platform, identifying integration issues, and preparing cost estimates.
• Performs vulnerability assessment and risk analysis.
• Plans security systems by evaluating network and security technologies and developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; and adheres to industry standards.
• Ensures that acquired or developed system(s) and architecture(s) are consistent with organization's cybersecurity architecture guidelines
• Works closely with Enterprise Architecture and Application Development to enhance the security posture of new and existing systems
• Participate in designated projects and business initiatives as the security subject matter expert.
• Identify security design gaps and technical deficiencies in existing and proposed architectures and recommend changes or enhancements.
• Review business processes from a JM Technology and security perspective and identify threats, risks, and solutions accordingly
• Ensures systems and applications are implemented with compensating controls to meet regulatory requirements (GLBA, etc.) as well as other organizational compliance (PCI) requirements.
• Updates job knowledge by tracking and understanding emerging security practices and standards, participating in educational opportunities, reading professional publications, maintaining personal networks, and participating in professional organizations.
• Enhances department and organization reputation by accepting ownership for accomplishing new and different requests and exploring opportunities to add value to job accomplishments.

Desired Skills & Experience/Key Responsibilities  

• Responsibility for the creation of key Information Security Intelligence, Security Analytics, Information Security Architecture, Risk and privacy, and/or Cloud Security assets to be used by the security practice
• Accountability for the development of strategic assets related to specific projects or offerings, as well as the related activities and financial management
• Participate in projects, pre-sales activities and delivery
• Participate in infrastructure and application project teams, providing consultation on information security designs
• Work on improvements for provided security services, including the development of new tools and supporting assets
• Limited travel possible but not regarded as a mobile role
• Collaboration responsibility with delivery team members; Technical and Process design and delivery responsibilities
• Research emerging technologies in support of security enhancement and development efforts
• Perform other essential duties as assigned

 
Qualifications/Requirements 

• Experience with standard security tools: Firewalls, Intrusion Detection/Prevention Systems, Anti-Virus, Vulnerability Scanners, etc.
• Five or more years’ experience in IT security and Technology
• Knowledge of security frameworks and controls (e.g., NIST, CIS, PCI, GLBA, NYDFS)
• Experience in working with compliance and regulatory program requirements
• Experience analyzing network, event and security logs, and/or IDS alert logs
• Excellent analytical, problem-solving, and decision-making skills, applied with a solution-focused attitude
• Excellent written communication skills, demonstrating the ability to write with purpose, clarity, and accuracy
• Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance, and professionalism
• Excellent teamwork skills
• Four-year degree in a relevant field preferred or an equivalent amount of post-secondary education and experience

License / Certificate (any of the following are a plus):
CISSP, CISA, CEH, CSSLP, CHFI, CCSP, GCIH, GCIA, PMP, ITIL v3