Information Security Architect

Diligente Technologies
Sanfrancisco, CA
28 Jun 2024

Vacancy expired!

Full time / permanent role

Hybrid role 2-3x a week in office in SFO, CA

Job Description Individual contributor responsible for designing, building, testing, and implementing information security systems and solutions to protect the computing environment. The Security Architect is expected to obtain a thorough understanding of the business operations to align security strategy and controls. Job duties will also include risk assessments, testing for vulnerabilities, performing evaluations of security products, researching security systems, standards, and authentication protocols. The Security Architect may be required to assist with the engineering and operations of the information security systems. The Security Architect will play a key role to maintain a strong information security program.

Major Accountabilities
  • Design information security solutions that balance business requirements with information and cybersecurity requirements.
  • Review current system security measures, recommend and implement enhancements to improve or maintain the information security posture.
  • Plan, research, and design robust security architectures for IT projects.
  • Define and document security requirements by evaluating business strategies and requests.
  • Document and update security standards, policies, and procedures.
  • Maintain security by monitoring and ensuring compliance to standards, policies, and procedures
  • Identify security gaps and design solutions to minimize risk to the organization.
  • Investigate security related alerts and analyze events for impact and escalation., when required
  • Assist in preparing documentation and solutions that remediate security issues and cyber incidents.
  • Provide guidance and assistance to members of the security operations and engineering team.
  • Regularly communicate vital information, security needs, and priorities to management.
  • Stay current on informaiton security trends and news, including researching emerging technologies and maintain awareness of current security risks.
  • Participate in security vulnerability assessments and penetration tests on systems and applications.
  • Participate in periodic policy compliance reviews, risk assessments, and control testing.
  • Participate in internal security audits and investigations.
  • Participate in rotating on-call system administration support including but not limited to weekends, holidays and after-business hours as required to service the needs of the business.

Skills/Knowledge

  • Experience:
    • Ability to utilize emerging technologies to design and implement security solutions; monitoring and improving those solutions while working with an information security team
    • Proven ability to consult and engineer the design and development of security best practices; implementation of security measures to meet business goals, customer needs and regulatory requirements
    • Experience with designing security solutions for on premise and cloud computing, including protections against data breaches, hacking, account hijacking, malicious insiders, third parties, authentication attacks, APTs, data loss, and DoS attacks
    • Experience with identity and access management and privilege account management; tracking and creating/enforcing policies that govern access sensitive technology resources and information assets
    • Minimum of six years of hands-on experience in an Information Security role.
    • Bachelor's degree in Computer Science, Information Systems, a related field, or equivalent work experience, is required.
    • Banking and/or financial services industry experience, a plus.

  • General Skills:
    • Strong communication, critical thinking, and analytical skills
    • Proven leadership, project and team-building skills, including the ability to lead teams and drive initiatives in multiple departments
    • Demonstrated ability to identify risks associated with business processes, operations, technology projects and information security programs
    • Ability to function as an enterprise security subject matter expert who can explain complex topics to those without a technical background
    • Self-motivated, organized and able to multi-task, prioritize, and adhere to deadlines.
    • Able to operate independently and effectively.
    • Excellent written and verbal communication skills, demonstrating the ability to write with purpose, clarity, and accuracy to both technical and non-technical audiences.

  • Technical Skills:
    • Detailed knowledge of the following areas: Windows and Linux Security, Networking Security, Vulnerability Management, Cloud Security, Identity and Access Management.
    • Strong understand of security concepts and hands-on with tools and systems such as firewalls, IDS/IPS, SIEM, manage antivirantimalware, patch management, NAC, DLP, and vulnerability scanners.
    • Knowledge of risk assessment procedures, policy creation and compliance, understand and leverage security attack frameworks
    • Industry certification is a plus: GIAC Security Essentials, Certified Ethical Hacker, GIAC Certified Incident Handler, Certified Security Administrator (firewall), CISSP.
    • Programming knowledge, a plus (Perl, Python, C, PowerShell, Ruby, SOAP, XML, Java/Hadoop).
    • Knowledge of compliance and regulatory program requirements, a plus (such as HIPAA, ISO 27000, NIST, FISMA, and SOC standards).
  • ID: #43649607
  • State: California Sanfrancisco 94101 Sanfrancisco USA
  • City: Sanfrancisco
  • Salary: Depends on Experience
  • Job type: Permanent
  • Showed: 2022-06-28
  • Deadline: 2022-08-22
  • Category: Security