A financial firm is looking for a Senior IT Security Architect to join their team in Iselin, NJ.
Compensation : $200-220k
This team is looking for someone with business systems security architecture experience rather than applications / products.
They ideally would like this candidate to have some cloud security experience.
Responsibilities :
- Work with Enterprise Architecture in the effective delivery of solutions
- Knowledge of all key areas of Information Security Technology and an ability to apply them appropriately
- Work with other Security Architects to build security into infrastructure and architecture designs
- Provide direction and advice on projects related to security portfolio to strengthen the overall cybersecurity posture
- Assess SaaS and IaaS cloud services and virtualization technologies and provide direction and input for the maturation of the Cloud Security Framework where necessary
- Foster relationships with key functional teams such as IT, Compliance, Operations, Finance, HR, Internal Audit, and Enterprise Risk to support current and future initiatives
- Keep informed of new and updated industry frameworks and regulations : GDPR, ISO 27001 / 2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI ISOCO and FFIEC handbook, SABSA
- Keep informed of new and emerging security threats & assess effectiveness of current controls to identify opportunities for program improvement
- Engage with stakeholders across the organisation to develop relationships and the brand of Security Architecture
- Interface with program and project managers to ensure appropriate security architecture engagement as necessary
- Develop a strong interlock with the other security functions to support transition of projects into operation with effective governance
- Ensure appropriate quality of security architecture artefacts, engagement and managing escalations should they arise
- Ensure appropriate interlock and attestation against security controls where appropriate
- Maintain engagement with Security Engineering and Operations for the management of vulnerabilities, risks and remediation methods
- Assure compliance with security controls to identify control gaps, develop remediation plans and determine residual risk
Qualifications :
- 5+ years security architecture expertise with broad understanding of multiple security domains
- Ability to collaborate effectively with others to drive forward key security objectives
- Strong documentation and report writing skills (to both technical and business audiences)
- Knowledge of policy frameworks and understanding of policies, procedures, guideline structure
- Knowledge of firewalls, IPS, DLP, proxies, SEIM, & endpoint protection software
- Degree in a technology discipline (Computer Science, Information Management, Computer Engineering, Cybersecurity or equivalent)
- Security certifications such as CISSP, CISA, CRISC, SABSA, GIAC, CCSP, CCSK or equivalent is preferred
- Knowledge of Risk Management life cycles based on an established framework : ISO 27001, SANS, NIST SP 800-53
- Working knowledge of the following frameworks and regulations : ISO 27001 / 2, SANS Top 20 Critical Security Controls, NIST CSF, and FFIEC handbook, Cloud Security Alliance CCM
- Excellent verbal, written and interpersonal communication skills
- Strong service-oriented mindset to consistently deliver balanced security solutions that include people, process and technology
- Ability to effectively communicate complex technical issues to both business and technical staff at all levels
- Strong collaboration skills to tackle complex security challenges that may span across multiple internal and external departments and groups
24-02886
8 days ago