The Robinson Group has partnered with a local, longstanding client to fill a critical new role.
The company is respected, successful, and committed to technology.
Relocation will be provided and visa transfer can also be considered.
The Enterprise Security Architect will drive the business by playing an integral role in defining and assessing the organization's security strategy, architecture and practices.
Will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.
The role will ensure controls are in place and being applied to projects.
Will partner with the CISO on security strategy and be a part of the broader enterprise architecture team.
Will provide thought leadership and strategy.
- Develop and maintain a security architecture process that enables the company to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers.
- Develop security strategy plans and roadmaps based on sound enterprise architecture practices.
- Develop and maintain security architecture artifacts (models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations.
- Track developments and changes in the digital business and threat environments to ensure that these are adequately addressed in security strategy plans and architecture artifacts.
- Participate in application and infrastructure projects to provide security planning advice.
- Draft security procedures and standards to be reviewed and approved by executive management and/or formally authorized by the CISO.
- Determine baseline security configuration standards for operating systems (e.g., operating system hardening), network segmentation, and identity and access management (IAM).
- Develop standards and practices for data encryption and tokenization within the organization.
- Conduct threat modeling of services and applications that tie to the risk and data associated with the service or application.
- Conduct security assessments of internal systems, applications and IT infrastructure as part of the overall risk management practice of the organization.
- Cloud security experience is a plus
- HIPAA understanding
- Strong working knowledge of IT service management
- Direct, hands-on experience managing security infrastructure such as firewalls, IPSs, WAFs, endpoint protection, SIEM and log management technology
- Verifiable experience reviewing application code for security vulnerabilities
- Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services