EITS Security Architect

Role: EITS Security Architect

Location: New York, NY (Remote)

Duration: Long Term

Visa: No OPT/ CPT. All other visa need Passport number with active Linkedin.

Responsibilities:

• Lead and coach on the definition of security architecture, including the development and implementation of effective security administration processes for all platforms.
• Actively engage in security architecture solutioning within key pre-implementation systems
• Identify and implement emerging data access control technologies, information systems security issues, safeguards, and techniques.
• Perform security reviews and identify security gaps in security architecture, resulting in recommendations for inclusion into the risk mitigation strategy
• Provide Security Architecture guidance to Senior EITS Management within clients and engage with multiple cross functional teams
• Conduct application vulnerability scans, recognize vulnerabilities in security systems, and design countermeasures to identified security risks
• Design security controls based on information assurance (IA) principles and tenets
• Work with the enterprise architecture team to ensure that there is a convergence of business, technical and security requirements; liaise with IT management to align existing technical installed base and skills with future architectural requirements.
• Develop a strong working relationship with the security engineering team to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements
• Keep informed on current threats and industry regulations.

Knowledgeable In:

• Strong Knowledge of infrastructure, application and security protocols in addition to configuration management techniques and risk management/compliance/audit standards
• Deep knowledge of HIPAA/HITECH, NIST CSF, ISO27001/27002 and PCI-DSS Standards and Requirements
• Knowledge of encryption algorithms
• Knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins
• Knowledge of network security architecture concepts, including topology, protocols, components, principles (e.g. application of defense-in-depth), and traffic flows across the network (e.g. TCP & TCP/IP, OSI, etc.)
• Experience working with network access, identity, and access management (e.g. Active Directory, access federation, multifactor authentication, PKI)
• Experience working with operating systems (Microsoft Windows, Linux, UNIX, MacOS X)
• Knowledge of security management and secure configuration management techniques
• Knowledge of software engineering
• Skill in assessing the robustness of security systems and designs and determining how it should work (including its resilience and dependability capabilities)
• Knowledge of IT supply chain security/risk management policies, requirements, and procedures

Other Preferred Skills:

• Must possess a high degree of integrity and trust along with the ability to work independently
• Participate in special projects as needed and perform other duties as assigned
• Must be able to work independently as well as work as part of a fast-moving team
• Must be able to work at various locations when necessary along with working various shifts

Educational Level:

• A bachelor's degree in information systems
• CISSP, CISM, GSEC, CEH, or other relevant security qualification

Years of Experience:

• A minimum of ten years of IT experience, with at least 7 years dedicated to IT/Cyber Security, including Solution Design