Senior IT Security Architect

A financial firm is looking for a Senior IT Security Architect to join their team in Iselin, NJ.

Compensation : $200-220k

This team is looking for someone with business systems security architecture experience rather than applications / products.

They ideally would like this candidate to have some cloud security experience.

Responsibilities :

• Work with Enterprise Architecture in the effective delivery of solutions
• Knowledge of all key areas of Information Security Technology and an ability to apply them appropriately
• Work with other Security Architects to build security into infrastructure and architecture designs
• Provide direction and advice on projects related to security portfolio to strengthen the overall cybersecurity posture
• Assess SaaS and IaaS cloud services and virtualization technologies and provide direction and input for the maturation of the Cloud Security Framework where necessary
• Foster relationships with key functional teams such as IT, Compliance, Operations, Finance, HR, Internal Audit, and Enterprise Risk to support current and future initiatives
• Keep informed of new and updated industry frameworks and regulations : GDPR, ISO 27001 / 2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI ISOCO and FFIEC handbook, SABSA
• Keep informed of new and emerging security threats & assess effectiveness of current controls to identify opportunities for program improvement
• Engage with stakeholders across the organisation to develop relationships and the brand of Security Architecture
• Interface with program and project managers to ensure appropriate security architecture engagement as necessary
• Develop a strong interlock with the other security functions to support transition of projects into operation with effective governance
• Ensure appropriate quality of security architecture artefacts, engagement and managing escalations should they arise
• Ensure appropriate interlock and attestation against security controls where appropriate
• Maintain engagement with Security Engineering and Operations for the management of vulnerabilities, risks and remediation methods
• Assure compliance with security controls to identify control gaps, develop remediation plans and determine residual risk

Qualifications :

• 5+ years security architecture expertise with broad understanding of multiple security domains
• Ability to collaborate effectively with others to drive forward key security objectives
• Strong documentation and report writing skills (to both technical and business audiences)
• Knowledge of policy frameworks and understanding of policies, procedures, guideline structure
• Knowledge of firewalls, IPS, DLP, proxies, SEIM, & endpoint protection software
• Degree in a technology discipline (Computer Science, Information Management, Computer Engineering, Cybersecurity or equivalent)
• Security certifications such as CISSP, CISA, CRISC, SABSA, GIAC, CCSP, CCSK or equivalent is preferred
• Knowledge of Risk Management life cycles based on an established framework : ISO 27001, SANS, NIST SP 800-53
• Working knowledge of the following frameworks and regulations : ISO 27001 / 2, SANS Top 20 Critical Security Controls, NIST CSF, and FFIEC handbook, Cloud Security Alliance CCM
• Excellent verbal, written and interpersonal communication skills
• Strong service-oriented mindset to consistently deliver balanced security solutions that include people, process and technology
• Ability to effectively communicate complex technical issues to both business and technical staff at all levels
• Strong collaboration skills to tackle complex security challenges that may span across multiple internal and external departments and groups

24-02886