Senior Security Architect
Bethesda, MD, Maryland
Post Date: 05/04/2017 Job ID: 20862 Industry: Information Technology
The senior security architect is responsible for the security architecture and design of the company' s infrastructure, business applications and tools. This will require working closely with information technology teams (infrastructure engineering, infrastructure operations and application development and operations) and business stakeholders to understand goals, determine security requirements, design, and implement a secure infrastructure to meet business objectives, IT strategic initiatives, corporate and regulatory requirements.
• Integrate large scale distributed financial services application leveraging IaaS based infrastructure with the required security controls.
• Identify the protection needs (i.e., security requirements and controls) for the information system(s) and network(s), document requirements and drive implementation through collaboration with developers and infrastructure engineers
• Coordinate with systems architects and developers to provide guidance in the development and integration of secure cloud-based designs leveraging a combination of native IaaS capabilities and additional products where requirements dictate.
• Perform security reviews, identify gaps in security architecture, and develop a security risk management plan
• Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials)
• Specify product requirements gathering, manage vendor relationships and perform POCs of selected products obtaining management buy-in to products that meet the business needs.
• Specify solutions that address authentication, authorization, logging of critical security related events, administration (provisioning of access rights, recertification of access rights), confidentiality (both at rest and in transit), integrity, and availability.
• Build effective relationships with key stakeholders who own and support IT architecture, infrastructure, applications, processes and operations throughout CSS.
• Stay current with developing technologies, emerging threat landscape and predict impact of changing technologies.
• BA/BS degree in Computer Science, Information Systems, Cyber Security or a related technical field. Masters Degree is a plus.
• 10+ years of IT experience, preferably in the financial services industry
• 6-8 years experience working in an enterprise architecture, information security, information technology or information risk management related field.
• Minimum 4 years experience in the specification of enterprise Information Security Architectures with an understanding of infrastructure and application security requirements and architecture. An understanding of IaaS and SaaS based risks and required security controls is essential