Direct End Client Information Security Architect
Location : Miami, FL
Duration : 24+ Months Contract
As the Security Architect, you would work alongside the Chief Information Security Officer to define, establish and implement a strategic enterprise security vision that aligns to the transformation journey of the business. The Security Architect will review and undergo gap analysis of the existing security architecture and make recommendations on improvements. The Security Architect will lead the Information Security strategy, a part of a wider transformation. Security architect responsible for a company’s computer system security. This role will act in an environment which is rapidly evolving from traditional IT to digital cloud-based. Developments are agile, in a variety of DevOps structures. So, an in depth understanding of these technologies and development methodologies is essential. IT Cyber Security Architect to develop secure architectures in a Hybrid IT environment.
Determine the strength of the foundations for security within the organization and ensure that the vision, strategies, processes, people and technologies are aligned and organized effectively, to optimize Cyber Security in support of the business goals
Determine the strength and appropriateness of technical designs in mitigating relevant Cyber threats
Assess, research, analyse, understand and test emerging innovative security solutions and industry trends around On-prem / Multi-Cloud Security Define the key security architecture requirements and use cases for Hybrid IT security solutions
Support in the definition of new multi-cloud security strategy, architecture and solutions
Reviewing current system security measures and recommending and implementing enhancements
Conducting regular system tests and ensuring continuous monitoring of network security
Developing project timelines for ongoing system upgrades
Ensuring all personnel have access to the IT system limited by need and role
Establishing disaster recovery procedures and conducting breach of security drills
Promptly responding to all security incidents and providing thorough post-event analyses
Evaluation, selection and decision making as it relates to security controls.
Designing and architecting information technology and security controls across complex and diverse networks, applications and infrastructures.
Solve complex information security problems, ability to observe security risks and weaknesses and provide security recommendations to respective project and delivery teams.
Translate technical risk issues and distil such issues to common IT business leaders and upper management.
Working in the large scale transformation program, building the capability to assess and design Cyber Security
Experience representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions
Experience with enterprise architecture and working as part of a cross-functional team to implement solutions
Strong interpersonal and communication skills; ability to work in a team environment
Ability to work independently with minimal direction; self-starter/self-motivated
Ability to communicate technical information effectively in a written format
Implements security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing documentation.
Skills and Qualifications
Computer Science, Engineering, or Business Administration Bachelors or Master’s Degree
12 Plus years of information security experience across various information security / information technology risk management domains such as but not limited to: application security, infrastructure security, identity and access management, vulnerability and cyber threat management, security architecture, etc
Experience as a Managing Consultant, Leading Cyber Security Projects, Part of CISO organization
Industry security certification(s) such as CISSP, SANS, CISA, CISM
Strong knowledge of cyber threats, risk management, and security solutions as an enabler for digital transformation
Broad understanding of Managed Security Services, Security Operation Centers, Security Incident Response, Identity and Access Management, Data Protection and Privacy
experience with Cloud platforms such as Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP).
Experience in an information security or risk advisory role for regulated environments.
In depth knowledge of common regulatory framework applications including HIPAA, HITRUST, GDPR, PCI, and similar constructs is highly desired
Subject Matter Expert (SME) across the entire IT stack as well as diverse IT systems, networking and security components, applications, and operating systems.
Solid understanding as to how to mitigate risks with common controls such as WAF'S, IDPS's, MPS's, AWL, etc.
Working knowledge of application security controls, common threats, and the cost-effective implementation of mitigating controls and practices