Direct Client Requirement for Information Security Solution Architect

Hi , Please let me know if you're comfortable with the position detailed below. This position is an urgent hire. Location : Boston, MA - Hybrid Duration : 12 months Locals Only Responsibilities

• Analyze system architectures to design appropriate security requirements that enforce Information Security policies and standards
• Identify and communicate current and emerging security threats to the business and across security domains.
• Create solutions that balance business requirements with information security requirements
• Collaborate with business units, application teams, architectural teams and third-party vendors to provide guidance on security controls for managing security risk
• Perform risk assessments of information systems and infrastructure; develop appropriate risk treatment and mitigation solutions
• Design security architecture elements to mitigate threats as they emerge. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
• Maintain highly developed knowledge of security best practices and technologies
• Developing risk mitigation plans resulting from identified inherent and residual risk
• Ensuring compliance with relevant laws and regulations by assessing state of controls and ensuring that controls are appropriately implemented to maintain compliance.

• Experience in conducting internal and external security risk assessments
• Ability to demonstrate a high degree of credibility and influence stakeholders within the relevant projects
• Experience as a Security consultant, Security Architect or equivalent.
• Technical background with experience in solution delivery including SDLC and security tools and technologies, and Agile framework.
• Familiarity with standard network security technology solutions (i.e., firewall, router, VPN, IDS).
• Familiarity with the use of standard security technology solutions and processes such as: access control, user provisioning, directory, SIEM, vulnerability management, Cloud Security, Identity & Access Management, Logging and Monitoring, General PKI and Cryptography.
• Understanding of network protocols, network topologies, virtual infrastructure, network segmentation, operating systems, databases, applications, and mobile security
• Experience designing security in large public cloud technologies (i.e., AWS/Azure/Google Cloud Platform)
• Ability to manage projects autonomously with strong knowledge of Security and Technology Architecture
• Ability to communicate effectively, orally and in writing
• Thorough knowledge of IT and information security controls
• Excellent knowledge of information security and related principles
• Comfortable thinking outside of the box, challenging ways of thinking (where applicable) to innovate and find improvement opportunities

• Bachelor's degree in information systems or a related discipline, or equivalent training
• Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Information Systems Security Architecture Professional (ISSAP)
• experience as an information Security consultant/Architect in Banking and Financial services.
• Knowledge and experience in vulnerability and risk related security and regulatory frameworks including ISO 27001, NIST and OWASP Top 20
• Understanding the best practices, control frameworks, and applicable existing and new legal/regulatory requirements (e.g., SEC Regulation S-P, FINRA cybersecurity recommendations, data privacy and breach notification laws, ISO 27001, NIST CSF and SP 800-53, CIS, CSA CCM, and PCI DSS)