Supports the business by ensuring information security is integrated into the essential project and program activities. Ensures risks are treated in a consistent and effective manner and promotes responsible security behavior. Responsible for researching, developing and driving the adoption of software security strategy, security architecture standards, design patterns, and best practices across all of Securus' products and services.
* Oversees and documents IT security aspects of the Enterprise Architecture, including vulnerability assessment, design, access, and authentication.
* Works closely with other functional area architects and security specialists to ensure adequate security solutions are in place throughout all systems and platforms to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements.
* Contributes to the development and maintenance of the information security strategy.
* Evaluates and develops secure solutions, based on approved security architectures.
* Researches, designs and advocates new technologies, architectures, and security products.
* Develops the business, information and technical artifacts that constitute the enterprise information security architecture.
* Develops requirements for local, wide, and virtual private networks, servers, NAS/SANs, routers, firewalls, and related network devices
* Designs security architecture elements to mitigate threats as they emerge
* Analyzes emerging security threats and vulnerabilities, identifies gaps in existing and proposed architectures and recommends changes or enhancements
* Audits security infrastructure and supports security policies and procedures
* Communicates security risks and solutions to business partners and IT staff.
* Supports ethical hacking initiatives to eliminate security risks in Securus products.
* Models attack vectors and design security controls to mitigate risk
* Researches and recommends new industry IT cyber security models, management strategies and effective resource utilization models that can be presented to Senior Leadership
* Provides post-mortem analysis and corrective action for security-related incidents
* Builds security into infrastructure and architecture designs and guides the implementation
* Creates and delivers knowledge sharing presentations and documentation to other architects, security, developers and operations teams
* Performs other duties as assigned.
Knowledge, Skills, and Abilities:
* Experience with network infrastructure devices and equipment from vendors such as CISCO, Fortinet, Dell, VMWare, Intel servers, Oracle, etc.
* Demonstrated ability providing cloud computing security considerations including data breaches, data loss, and DoS attacks.
* Proven leadership ability with excellent interpersonal communication skills.
* Experience working with a variety of constituents within and outside of IT to drive cohesiveness while ensuring that the architectural direction is achieved.
* Should be able to effectively interact with a variety of internal and external constituencies.
* Ability to conduct research into emerging technologies and study their relevance for use at Securus.
* Ability to present ideas in business-friendly and user-friendly language.
* Highly self-motivated and directed.
* Excellent analytical and problem-solving abilities.
* Able to prioritize and execute tasks in a high-pressure environment.
* Experience working in a team-oriented, collaborative environment.
* Able to recognize and categorize the most common types of vulnerabilities and associated attacks.
* Network applications and services - expertise in the network infrastructure equipment, secure configurations, and the common types of threats or attacks against the network devices, as well as mitigation strategies.
* Excellent knowledge of different application/communication protocols, and performance analysis tools.
* Strong analytical, performance tuning and problem solving skills to resolve operations issues.
* Information security principles
* 15+ years of information technology and information security experience in a professional and/or collegiate environment
* Experience with and knowledge of the majority of the technologies below
* Protocols/technologies like HTTP, SIP, RTP/RTCP, TLS, LDAP, SSO, SAML, OECD, MSA authentication, PSS, JDBC, XML.
* Experience implementing scalable, fault-tolerant, continuous availability, multi-data center systems.
* Experience analyzing business requirements to meet strategic security goals.
* Experience with intranet, and extranet development.
* Bachelor's Degree in Information Security, Computer Science or related discipline
* Security certifications such as ISCA, CEH, ISAAP, CISSP - ISSEP, CRISP, etc.
Standing, sitting, walking, speaking, listening, bending, reaching, pushing, pulling, lifting, grasping and manipulating tools, typing, using peripheral computer tools. May be required to lift up to 25 pounds.
It is the Company's policy to provide equal employment opportunity to all individuals. Securus will not discriminate against any associate or qualified job applicant with respect to any terms, privileges, or conditions of employment because of that person's race, color, religion, sex, national origin, age, disability, veteran status, or any other characteristic or status protected under local, state or federal law, ordinance or regulation.