Security Architect
Support to the Office of Chief Technology Officer/ Information Security in identifying strategies and long term technical direction to provide continuous protection of critical assets, data and technology. Focus will be on long term strategic security initiatives. The role requires very strong 'hands on' technical skills as well as strong capabilities in technical writing, security architecture, technology implementation and information security standards frameworks. Applicant must have ability to make informed decisions and/or consolidate appropriate information to support informed decision making and strategic direction as well as proven ability to deliver.
Required Skills : - Highly motivated with cross disciplinary technical experience to drive security architecture from view of architecture standards, assessment and design.
- Technical capacity to create or provide input to creation of security architecture standards, implementation methodologies, assessment guidance and design processes across various security domain capabilities
- Ability to apply threat modeling techniques to design of security architecture solutions
- Knowledge of specific technologies associated with data protection, data governance, cloud migration strategies and technologies, identity and authorization components.
- Advanced comprehension of cryptography components, standards and protocols such as PKI, Key management (software and hardware based), key lifecycle, digital certificates, SSL/TLS, SSH, integration into overall security architecture and means to operationalize
- Ability to create security architecture diagrams and flows and identify design gaps
- Awareness of security protocols including identity (federated identity protocols), access management, application security, encryption (at rest, in transit, in use) and regulations including cyber security legislation practices, privacy, restrictions of geographic locations, etc.
- Understanding of network concepts TCP/IP, UDP, UC, DNS, Load balancing, etc.
- Scripting (e.g. Python) or coding
- Ability to drive adoption of security architecture standards
REQUIREMENTS : Education and Experience - Master's Degree (preferred) or Bachelor's degree (B.S.) in computer science or engineering focusing on the following security domains:
- Security Engineering
- Data Protection/Cryptography
- Identity and Access Management/Control
- Communications & Network Security
- Secure Software Development
- Security Assessment and Testing
- Security Operations
- 5+ years security, technical domain, computer architecture, operating systems (Unix/LINUX, Windows and Mobile primarily), networking.
- Business concepts including financial, business requirements, compliance and risk management
Skills/Knowledge
- 'Hands on' experience in multiple security/data protection technologies and knowledge of 'how they all fit and communicate.'
- Strong interpersonal and communication skills.
- Deployment experience of security tools and programs.
- Thorough understanding of security architecture design and security capabilities
- Demonstrated analytical and problem-solving skills.
- Advanced technology skills.
- Collaboration, innovation and creativity
- Familiarity with Security Control organizations such as NIST, CSA, CIS, ISO, FFIEC, etc.
- Industry certification such as, CISSP, CCSE, VCP, CCDA, CCNA, Server+ or certifications from Red Hat or Microsoft desirable
