Information Security Architect

Our client is looking for an Information Security Architect. This position is responsible for ensuring that the necessary requirements to protect all aspects of the organization are addressed through design, implementation, and oversight of security program. Responsibilities will include reviewing the current security environment, recommending enhancements, identifying areas of weakness, as well as ongoing testing and assessment, investigations, and forensics. This position will require the ability to work effectively with a variety of teams.

Essential Duties and Responsibilities:

• Understand, document, and develop the organization’s security architecture and systems security for a hybrid infrastructure with multi-level security requirements.
• Research, design, build, and support resilient enterprise-class security systems aligned with business requirements and technology strategy.
• Collaborate with teams throughout the organization (architects, IT operations, development, management, etc.) to evaluate systems for risks/gaps in security architecture and to design, develop, and support robust security architectures and mitigation plans.
• Set accountability for cybersecurity standards and ensure integration with IT architecture frameworks supporting application products that are aligned with the IT roadmap. Work with stakeholders across the organization to ensure cybersecurity standards and best practices are followed.
• Monitor and ensure adherence to implemented policies, processes, and control strategies for the information security program across several business units, including third-party development teams, and execute manual processes to support the program’s operational state.
• Conduct regular testing and analysis of systems security to ensure efficacy of and compliance with technical and administrative controls.
• Assist with investigations and analysis of security incidents and provide thorough post-event analyses.
• Regularly communicate security needs and priorities to appropriate teams and management.
• Stay up to date with evolving threats and technologies to ensure appropriate actions are taken in line with risk management.
• Other duties as assigned.

Required Travel: 0-20%

Qualifications:

• Bachelor’s degree or 8 years of required experience in IT and Information Security, which may include experience in the Armed Forces. A Bachelor’s degree with a specialization in computer science or cybersecurity is preferred.
• Strong working knowledge of IT risks, cybersecurity, networks, and computer operating software.
• Advanced understanding of security protocols, cryptography, and security.
• Experience with cloud and on-prem infrastructure.
• Experience documenting, designing, and implementing security solutions.
• Process improvement and design experience, as well as working knowledge of security frameworks and standards (FedRAMP, FDA, HIPAA, NIST, ISO, HITRUST).
• Strong customer-facing skills and a professional approach.
• Strong verbal and written communication skills to work effectively with core team members and customers daily.
• Ability to communicate highly complex technical information clearly to all levels and audiences.
• High level of curiosity and critical thinking skills to evaluate alternatives and present solutions that align with business objectives.
• Security research and testing abilities.
• Comfortable working on a team.
• Great communication and interpersonal skills.