About
Job Description
The Security Architect will collaborate with partners to enable trusted innovation by embedding information security into the enterprise; improving application and systems security and support efforts to minimize the risk of coding, design, or configuration security vulnerabilities working their way into production environments or presenting a potential point-of-compromise.
* Demonstrate understanding of the following standards: ISO 27001/27002, COBIT, ITIL, NIST
* Demonstrate understanding of regulatory requirements: PCI-DSS, HIPAA/HiTech, SOX and GDPR
* Define security requirements by evaluating business strategies, corporate policies, standards and technology best practices
* Evaluate and implement security controls as related to all solutions (Legacy and Cloud based services including SaaS, PaaS, IaaS)
* Understand layered security model, network security zones and data flows with each solution
* Understand application of security controls: Authentication and Authorization, Encryption, Access Control, Logging and Monitoring, etc.
* Understand Web Application Vulnerability Detection, OWASP Top 10 and SANS CWE/25
* Review solution and software architecture designs to assess risk to data assets
* Demonstrate deep analytical and problem-solving skills across breadth of technologies
* Facilitate static code analysis, dynamic and/or manual security testing utilizing established process and tools
* Provide consulting services and security support to internal business and technical customers
* Review circumstances surrounding security gaps and providing recommendations on corrective actions and define risk to the business information assets
* Validate implementation and test effectiveness of control techniques
* Communicate effectively both orally and in writing
* Articulate security risk and business impact as it relates to security requirements
* Demonstrate strong consultative skills and professionalism
* Interface effectively with technical and non-technical leaders
* Practice good interpersonal and stakeholder management skills
* Understand Information Security as it relates to the business and other areas of IT; understands direct impacts and risks.
* Maintain in-depth knowledge of security issues, techniques and implications across all existing computer platforms.
* Understand current trends in cybersecurity threat
* Evaluate reported breaches for relevancy to ABCs business
* Pay attention to details and record keeping
* Prioritize work load, track milestone dates and consistently meet deadlines
* Practice strong organizational skills with work queue
* Open to candidates residing near our locations in Lake Forest IL, Chesterbrook PA or Carrollton TX offices.
#LI-DN1
#LI-DN1
* Bachelor's Degree in Computer Science, Information Systems or other related field, or equivalent work experience.
* Typically requires 5 years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, systems administration and experience designing and deploying security solutions at the enterprise level.