To Apply for this Job Click Here

Information Security and Technology Architect

The Information Security and Technology Architect will report directly to the Director of Information Security and support the CISO to provide the highest quality of information assurance program to our business units and customers.  This role will work closely with other members of the Information Security team, Information Technology, Enterprise Architecture, and Business Units and stakeholders.
Primary Responsibilities:

• Enhances security team accomplishments and competence by planning delivery of solutions, answering technical and procedural questions providing technical guidance.
• Secures enterprise information by determining security requirements; planning, implementing, and testing security systems, preparing security standards, policies, and procedures.
• Determines technical and security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.
• Performs vulnerability assessment and risk analysis.
• Plans security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards.
• Ensures that acquired or developed system(s) and architecture(s) are consistent with organization’s cybersecurity architecture guidelines
• Works closely with Enterprise Architecture and Application Development to enhance the security posture of new and existing systems
• Participate in designated projects and business initiatives as the security subject matter expert.
• Identify security design gaps and technical deficiencies in existing and proposed architectures and recommend changes or enhancements.
• Review business processes from a JM Technology and security perspective and identify threats, risks, and solutions accordingly
• Ensures systems and applications are implemented with compensating controls to meet regulatory requirements (GLBA, etc.) as well as other organizational compliance (PCI) requirements.
• Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
• Enhances department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments.

Desired Skills & Experience/Key Responsibilities 

• Responsibility for the creation of key Information Security Intelligence, Security Analytics, Information Security Architecture, Risk and Privacy and/or Cloud Security assets to be used by the security practice
• Accountability for the development of strategic assets related to specific projects or offerings, as well as the related activities and financials management
• Participate on projects pre-sales activities and delivery
• Participate in infrastructure and application project teams providing consultation on information security designs
• Work on improvements for provided security services including the development of? new tools and supporting assets
• Limited travel possible but not regarded as a mobile role
• Collaboration responsibility with delivery team members; Technical and Process design and delivery responsibilities
• Research emerging technologies in support of security enhancement and development efforts
• Perform other essential duties as assigned

 
Qualifications/Requirements

• Experience with standard security tools: Firewalls, Intrusion Detection/Prevention Systems, Anti-Virus, Vulnerability Scanners, etc.
• Five or more years’ experience in IT security and Technology
• Knowledge of security frameworks and controls (e.g., NIST, CIS, PCI, GLBA, NYDFS)
• Experience in working with compliance and regulatory program requirements
• Experience analyzing network, event and security logs, and/or IDS alert logs
• Excellent analytical, problem solving and decision making skills, applied with a solution-focused attitude
• Excellent written communication skills, demonstrating the ability to write with purpose, clarity, and accuracy
• Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance and professionalism
• Excellent teamwork skills 
• Four year degree in a relevant field preferred or an equivalent amount of post-secondary education and experience

License / Certificate (any of the following a plus):
CISSP, CISA, CEH, CSSLP, CHFI, CCSP, GCIH, GCIA, PMP, ITIL v3 
 

To Apply for this Job Click Here

Equal Employment Opportunity Statement
Gravity IT Resources is an Equal Opportunity Employer. We are committed to creating an inclusive environment for all employees and applicants. We do not discriminate on the basis of race, color, religion, sex (including pregnancy, sexual orientation, or gender identity), national origin, age, disability, genetic information, veteran status, or any other legally protected characteristic. All employment decisions are based on qualifications, merit, and business needs.