Security Architect

Position : Security Architect

Location NYC – Long Island Commack.

Work type: Onsite (hybrid 2/3 days).

Type of hire: C2C

Experience : 8-10 years on IT Security

Skill & Role:

• Requires overall understanding of Security services related processes and technologies:

• Azure Cloud
• Azure native security
• Data Security
• Log Indexing and Correlation platform & SIRT
• Threat Intelligence & Forensics
• Intrusion system
• Anti-virus and anti-spyware console
• Audit principles and associated compensating controls
• Cloud Security
• Identity & Access Management

• In depth knowledge of Security Architecture design and implementation
• Hands on experience on Azure Cloud security
• Assist the development of security tool requirements, trials, and evaluations, as well as security operations procedures and processes.
• Develop and maintain global policies, standards and procedures to include helping to manage our business partners, setting expectations on roles and responsibilities
• Assist Client to define Security requirements based upon Business needs and their Information Security Policy
• Designing and implementing the security measures needed to protect data stored on public clouds against unauthorized access, including secure authentication methods, encryption, access control lists, intrusion detection systems, firewalls, and other measures
• Designing and developing security architectures that align with an organization s strategic goals
• Working with security specialists to design new security protocols as needed, then testing them to ensure that they work as intended
• Installing and maintaining security software on company servers, computers, and mobile devices used by employees
• Analyzing threats to an organization s security and designing solutions to mitigate those threats
• Recommending and implementing new security measures as needed to keep data safe
• Identifying new security threats and recommending ways to address them
• Plans security systems by evaluating network and security technologies
• Prepares system security reports by collecting, analyzing, and summarizing data and trends
• Knowledge of PCI, ISO 27002 and o security standards and framework
• Designs security models, reviews and approves security configuration and installation of Security devices
• Analyze, troubleshoot, and investigate security-related, information systems anomalies based on security platform reporting, network traffic, log files, host-based and automated security alerts
• Ensure and enforce security controls in the area of Networks and Applications to drive policy compliance and risk mitigation
• Controlling and managing access rights to the information system and assets that manage these information repositories
• Security-related Incident handling and registration
• Assist the development of security tool requirements, trials, and evaluations, as well as security operations procedures and processes
• Improving and maintaining secure development standard
• Providing standard gap analysis services to internal business and technology partners.
• Ability to seek out vulnerabilities in IT infrastructures
• Protects system by defining access privileges, control structures, and resources
• Recognizes problems by identifying abnormalities, reporting violations
• Implements security improvements by assessing current situation; evaluating trends; anticipating requirements
• Determines security violations and inefficiencies by conducting periodic audits
• In-depth knowledge of data protection strategies, network and system vulnerabilities; security tool sets including security event management tools
• Provide SIRT support as needed in response to information security related events.
• Participate in continuous improvement processes
• Doing Threat Management by working on different kind of attacks, Malwares, Viruses, web application attack based on OWASP
• Maintain and update relevant system and process documentation and develop ad-hoc reports as needed.
• Assist the development of security tool requirements, trials, and evaluations, as well as security operations procedures and processes
• Monitors industry security updates, technologies and best practices to improve security management