*** No Visa sponsorships supported ***
*** REMOTE: You can work from anywhere in USA ***
JOB DESCRIPTION
Position: Lead Cyber Security Architect (Remote)
Why This Role is Important to the company:
Planning and Design Activities
Develops and maintains a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology, and threat drivers
Develops security strategy plans and roadmaps based on sound enterprise architecture practices
Develops and maintains security architecture artifacts (e.g., models, templates, standards, and procedures) that can be used to leverage security capabilities in projects and operations
Determines baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation and identity and access management (IAM)
Develops standards and practices for data encryption and tokenization in the organization, based on the organization's data classification criteria
Drafts security procedures and standards to be reviewed and approved by executive management and/or formally authorized by the chief information security officer (CISO)
Establishes a taxonomy of indicators of compromise (IOCs) and shares this detail with other security colleagues, including the security operations center (SOC), information security managers and analysts, as well as counterparts within the network operations center (NOC)
Assurance
Tracks developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts
Validates IT infrastructure and other reference architectures for security best practices and recommends changes to enhance security and reduce risks, where applicable
Validates security configurations and access to security infrastructure tools, including firewalls, IPSs, WAFs and anti-malware/endpoint protection systems
Conducts or facilitates threat modeling of services and applications that tie to the risk and data associated with the service or application
Ensures a complete, accurate and valid inventory of all systems, infrastructure and applications that should be logged by the security information and event management (SIEM) or log management tool
Coordinates with DevOps teams to advocate secure coding practices, and to escalate concerns related to poor coding practices to the CISO
Coordinates with the privacy officer or office to document data flows of sensitive information in the organization (e.g., PII or ePHI) and recommend controls to ensure that this data is adequately secured (e.g., encryption and tokenization)
Reviews network segmentation to ensure least privilege for network access
Reviews security technologies, tools, and services, and makes recommendations to the broader security team for their use, based on security, financial and operational metrics
Collaboration
Liaises with the vendor management (VM) team to support security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property (IP), as well as regulated or other protected data:
Software as a service (SaaS) providers
Cloud/infrastructure as a service (IaaS) providers
Managed service providers (MSPs)
Evaluates the statements of work (SOWs) for these providers to ensure that adequate security protections are in place. Assesses the providers' SSAE 16 SOC 1 and SOC 2 audit reports (or alternative sources) for security-related deficiencies and required "user controls" and reports any findings to the CISO and vendor management teams
Coordinates with operational and facility management teams to assess the security of operational technology (OT) and Internet of Things (IoT) systems
Liaises with other security architects and security practitioners to share best practices and insights
Liaises with the business continuity management (BCM) team to validate security practices for BCM testing and operations when a failover occurs
Participates in application and infrastructure projects to provide security-planning advice
Liaises with the internal audit (IA) team to review and evaluate the design and operational effectiveness of security-related controls
The Lead Architect is expected to advocate for security requirements and objectives with these constituencies, while ensuring that security architectures and practices do not impede the needs of the business. Specifically, the security architect will serve as a technical sounding board for the CISO's interaction with other line-of-business (LOB) constituencies in the organization. The lead architect will be expected to evaluate new services, vendors, applications, and security tools, among other items, from a technical perspective, and to translate the risk characteristics of these activities and functions into enterprise risk terms that the CISO can communicate to colleagues in the organization.
What We're Looking For:
Education:
Experience and Skills:
What You'll Be Doing
Key Responsibilities
The Lead architect has direct, documented, and verifiable experience with the following:
Business-Related Skills
The lead architect is expected to contribute his or her insights to colleagues in the security team and the CISO, as well as colleagues within internal audit, risk management and other line-of-business teams. To ensure that security-related matters are adequately conveyed, the following skills are required: