Security Architect

A direct client of

• Coaches, develops, and supports security analysts and engineers.
• Develops, communicates, and evolves security architecture including principles, technical strategies, roadmaps, guidelines, standards, and strategic best practices.
• Synchronizes security frameworks across the department, optimizes processes, and designs the security infrastructure needed to best achieve the long-term, strategic direction.
• Analyzes industry, technology, and market trends to determine the potential impacts on the information security strategy and architecture requirements.
• Investigates new technical solutions and technologies, estimating and articulating viability, effort, and potential financial and non-financial impacts.
• Explores, analyzes, and models business processes, information flows, technology patterns and services, and system integration maps to close identified security gaps.
• Provides guidance, strategic best practices, and action-oriented advice to guide the selection of technologies and vendor solutions aligned with strategic goals.
• Works with other architects, team leads, and subject matter experts to ensure functional alignment with the enterprise architecture and strategic direction.
• Translates business needs into architectural requirements.
• Serves as an information security expert and trusted advisor to partners in IT and the business.
• Achieves security architecture compliance on requirements, including but not limited to, SOX, PCI, data privacy, and state and federal regulations.

• Direct, hands-on experience or strong working knowledge of managing security infrastructure - e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology.
• Verifiable experience reviewing application code for security vulnerabilities.
• Experience securing CI/CD pipelines.
• Direct, hands-on experience or a strong working knowledge of vulnerability management tools.
• Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services.
• Experience designing the deployment of applications and infrastructure into public cloud services.
• Full-stack knowledge of IT infrastructure, e.g. applications, databases, operating systems, hypervisors, networking, storage, backup networks, containers/Kubernetes
• Direct experience designing IAM technologies and services for Active Directory
• Strong working knowledge of IT service management (e.g., ITIL-related disciplines): change management, configuration management, asset management, incident management, problem management.
• The security architect is expected to have documented experience with the following: Payment Card Industry Data Security Standard (PCI-DSS), Sarbanes-Oxley, privacy practices, NIST Cybersecurity Framework (CSF)
• Strategic planning skills: The security architect must interpret business, technology and threat drivers, and develop practical security roadmaps to deal with these drivers.
• Communication skills: The security architect will be required to translate complex security-related matters into business terms that are readily understood by colleagues. The security architect should anticipate presenting analyses in person and in written formats.
• Financial analysis: As part of the due diligence of security technologies, the security architect will be expected to evaluate the financial costs of recommended technologies.

• Bachelor's degree in Computer Information Systems or equivalent experience.
• Minimum of 10 years of experience within the Information Technology field.
• Minimum of 4 years of experience in a lead Information Security or Cybersecurity role.

• Must have CISSP ISC2

• IT staffing and placement such as Project Managers, Agile/Scrum Masters, Business Analysts, DBAs, Software Engineers, Mobile Developers (iOS, Android), DevOps, Automation, QA, Systems & Network Engineers, Cyber Security / Information Security Specialists, ERP, CRM, Business Intelligence, Data Warehousing, Big Data and Creative (UI/UX, Web Design)

• Operational staffing and placement of Accounting/Finance, Human Resources, and Marketing professionals, as well as Information Technology resources.