Information Systems Security Architect

What will you be doing? As an Information Systems Security Architect (ISSA), the ideal candidate will have leadership qualities and experience developing an information systems security program to protect sensitive services data. The position requires a motivated self-starter, working collaboratively across organizational boundaries and services teams to develop a consistent and mature information security program to protect proprietary, sensitive data. As an ISSA, you will be responsible for developing, managing, and owning the data protection program. Working within the Information Security team, you will collaborate with security experts to protect sensitive services data while maintaining compliance with regulatory statutes and internal corporate policies. A strong candidate will have prior expertise in developing and managing a data protection program, with leadership and interpersonal skills to understand organizational requirements, constraints, and opportunities. The candidate must be comfortable in a matrixed environment, managing dependencies, constraints, risks, and opportunities while maturing the program and providing regular updates to executive leadership. The position requires a significant understanding of the information security landscape including tools, processes, laws, training, and maturing an information systems security program.

• Iteratively grow a data protection program to protect sensitive data while aligning to broader corporate policies and statutes
• Exhibit clear strategic thinking with the ability to tactically execute, with a tenacious approach to developing and delivering a quality data protection program while working with both internal and external stakeholders
• Communicate effectively, verbally and written, to the executive leadership and services organizations
• Develop, educate, mature, and monitor the data protection program while leveraging a rigorous, data-driven approach
• Provide subject matter expertise of Office 365 with emphasis on security policies for Office 365, Conditional Access (CA Azure Information Protection and Office365 Message Encryption), and architectural design
• Provide subject matter expertise in Compliance data retention leveraging Office 365 Data Loss Protection (DLP), Native Office 365 capabilities such as retention policies including Office 365 eDiscovery Advanced eDiscovery In-depth knowledge of Authorization Authentication for data at rest and “in motion”

• 5-8 years of relevant data protection and information security experience
• Significant information security experience managing complex projects and delivering timely results under tight timelines, taking a data-driven approach to program leadership
• Highly collaborative technical through a leader who possesses the ability to manage relationships across multiple service areas
• Excellent people and analytical problem-solving skills with an ability to identify key issues, gather information, and provide timely recommendations effectively
• Strong interpersonal and leadership skills to influence and build credibility; team-oriented, collaborative, diplomatic, and flexible
• A strong personal presence and ability to clearly communicate compelling messages to senior management, staff, and stakeholders
• Ability to embrace complexity and deliver/articulate with simplicity
• Demonstrated understanding of Microsoft O365 and Azure security technologies, strategy, and implementations
• In-depth knowledge in information security best practices and frameworks, including (but not limited to) NIST Special Publications and Cyber Security Framework, CIS Controls, ISO/IEC 27000 series, and OWASP
• General knowledge of laws and regulations related to information security and relevant to the organization, such as General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA).

• Ability to give and receive Feedback. A central part of living our core values is our environment of safe, timely, and direct feedback. We require and coach our employees on how to provide constructive and critical feedback to their peers, reports, and leadership. This can take on many forms; written, verbal, in a group setting, and one-on-one, and can involve topics ranging from job performance and leadership effectiveness to root cause analysis, communication, and integrity. While not always comfortable, we see the ability to give and receive feedback in a safe environment as a job requirement common across all practices and roles, and a vital aspect of our culture and continuous improvement.
• Possesses a high level of Integrity. Acts ethically and is above reproach. Builds trust through their honesty, reliability, and authenticity. Possesses a strong concern for the needs of his/her colleagues. Takes tough principled stands even if they are unpopular. Meets commitments and keeps promises.
• Demonstrates Self-control. Manages his/her impulsive feelings and distressing emotions and operates without any personal agenda. Stays composed, positive and unflappable even in trying moments. Thinks clearly and stays composed and focused under pressure.
• Must be Flexible. Smoothly handles multiple demands, shifting priorities, and rapid change. Is able to work collaboratively to get things done. Proactively seeks the advice and suggestions of peers, subordinates, and superiors. Adapts strategies and tactics to fit fluid circumstances. Is flexible in how he/she sees events.
• Is Optimistic. Demonstrates a positive mental attitude. Persists in seeking goals despite obstacles and setbacks. Operates from a hope of success rather than a fear of failure. Sees setbacks as due to manageable circumstances rather than a personal flaw.
• Continuously Develops Others. Committed to the continuous process of education and development of self and colleagues. Acknowledges people’s strengths and accomplishments. Offers useful feedback and helps to identify others’ needs for future growth and improvement. Mentors and gives timely coaching that fosters an individual’s skills.
• Able to Intuitively Understand the way people think and work. Understands the forces that shape the views and actions of clients, customers, or competitors. Accurately reads an organizational and external reality.
• Models Leadership qualities. Articulates and arouses enthusiasm for a shared vision and mission. Leads by example.
• Is a catalyst for Change. Recognizes the need for change and removes barriers. Challenges the status quo to acknowledge the need for change. Champions the change and enlists others in its pursuit.
• Fosters Excellence in Communication. Is effective in give-and-take, registering emotional cues in attuning their message. Deals with difficult issues straightforwardly. Listens well; seeks mutual understanding and welcomes the sharing of information fully. Fosters open communication and stays receptive to bad news as well as good.