Vacancy expired!
A direct client of
Atrilogy Solutions Group is in search of a Security Architect to join their team in Phoenix, Arizona. Role: Security Architect Location: Phoenix, Arizona (Expect to be onsite after Labor day) Duration: Full Time Responsibilities: The Information Security Architect is responsible for defining, documenting, and articulating the desired future state vision for Information Security. They will work with other business and IT departments to understand the current state of information security, identify gaps and opportunities, and develop strategic approaches to close the gaps. Drawing from relevant trends and emerging technologies, the Information Security Architect uses out-of-the-box thinking to creatively align technology with strategic and business objectives. Primary Responsibilities:- Coaches, develops, and supports security analysts and engineers.
- Develops, communicates, and evolves security architecture including principles, technical strategies, roadmaps, guidelines, standards, and strategic best practices.
- Synchronizes security frameworks across the department, optimizes processes, and designs the security infrastructure needed to best achieve the long-term, strategic direction.
- Analyzes industry, technology, and market trends to determine the potential impacts on the information security strategy and architecture requirements.
- Investigates new technical solutions and technologies, estimating and articulating viability, effort, and potential financial and non-financial impacts.
- Explores, analyzes, and models business processes, information flows, technology patterns and services, and system integration maps to close identified security gaps.
- Provides guidance, strategic best practices, and action-oriented advice to guide the selection of technologies and vendor solutions aligned with strategic goals.
- Works with other architects, team leads, and subject matter experts to ensure functional alignment with the enterprise architecture and strategic direction.
- Translates business needs into architectural requirements.
- Serves as an information security expert and trusted advisor to partners in IT and the business.
- Achieves security architecture compliance on requirements, including but not limited to, SOX, PCI, data privacy, and state and federal regulations.
- Direct, hands-on experience or strong working knowledge of managing security infrastructure - e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology.
- Verifiable experience reviewing application code for security vulnerabilities.
- Experience securing CI/CD pipelines.
- Direct, hands-on experience or a strong working knowledge of vulnerability management tools.
- Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services.
- Experience designing the deployment of applications and infrastructure into public cloud services.
- Full-stack knowledge of IT infrastructure, e.g. applications, databases, operating systems, hypervisors, networking, storage, backup networks, containers/Kubernetes
- Direct experience designing IAM technologies and services for Active Directory
- Strong working knowledge of IT service management (e.g., ITIL-related disciplines): change management, configuration management, asset management, incident management, problem management.
- The security architect is expected to have documented experience with the following: Payment Card Industry Data Security Standard (PCI-DSS), Sarbanes-Oxley, privacy practices, NIST Cybersecurity Framework (CSF)
- Strategic planning skills: The security architect must interpret business, technology and threat drivers, and develop practical security roadmaps to deal with these drivers.
- Communication skills: The security architect will be required to translate complex security-related matters into business terms that are readily understood by colleagues. The security architect should anticipate presenting analyses in person and in written formats.
- Financial analysis: As part of the due diligence of security technologies, the security architect will be expected to evaluate the financial costs of recommended technologies.
- Bachelor's degree in Computer Information Systems or equivalent experience.
- Minimum of 10 years of experience within the Information Technology field.
- Minimum of 4 years of experience in a lead Information Security or Cybersecurity role.
- Must have CISSP ISC2
- IT staffing and placement such as Project Managers, Agile/Scrum Masters, Business Analysts, DBAs, Software Engineers, Mobile Developers (iOS, Android), DevOps, Automation, QA, Systems & Network Engineers, Cyber Security / Information Security Specialists, ERP, CRM, Business Intelligence, Data Warehousing, Big Data and Creative (UI/UX, Web Design)
- Operational staffing and placement of Accounting/Finance, Human Resources, and Marketing professionals, as well as Information Technology resources.
Vacancy expired!