Information Security Architect -ISA24-08907

Position : Information Security Architect

Duration : 12 months

Location : Hybrid (Boston, MA)

Hours needed per week : 40

Responsibilities :

• Risk Communication : Ensure the confidentiality, integrity, and availability of information by effectively communicating risk to stakeholders.
• Policy Creation and Maintenance : Develop and uphold enforceable policies that support key processes and ensure organizational security.
• Regulatory Compliance : Ensure compliance with all relevant regulatory requirements and standards.
• Coordination of Security Activities : Collaborate with client departments to evaluate, procure, and deploy security-related products, and to develop and coordinate security awareness, disaster recovery, and incident response plans.
• Technical Solutions : Translate complex security problems into sound technical solutions, providing clear direction and support.
• Technical Guidance : Offer technical, security, and architectural direction to both technology and business teams.
• Adherence to Standards : Ensure development efforts comply with established security, design, and compliance standards and requirements.
• Secure System Design : Provide insight and guidance on the overall design of secure systems.
• Infrastructure and Application Security : Oversee the secure architecture of infrastructure and applications.
• Documentation and Communication : Document, maintain, and communicate security architectural requirements.
• Monitoring Technologies : Stay informed about emerging technologies and assess their potential impacts on operations and long-term strategy.
• Compliance Vulnerability : Identify potential compliance vulnerabilities and risks, and direct the development and implementation of corrective action plans.
• Legal and Industry Standards : Ensure adherence to legal standards regarding information security compliance and implement industry best practices for security.
• Strategic and Tactical Advice : Provide strategic and tactical advice to address existing and evolving security threats.

Required Knowledge, Skills, and Abilities :

• Experience :
• Minimum of 10 years in information technology.
• Minimum of 10 years in information security or cybersecurity, with at least 5 years of exposure to various security frameworks, preferably NIST.
• 5 years of managerial, team leadership, or supervisory experience in large, matrixed organizations.
• Technical Expertise :
• Extensive experience with policies / procedures, application design, information analysis and reporting, networking and systems integration, security control, audits, risk analysis, and disaster recovery.
• Leadership Skills :
• Ability to supervise staff, including performance appraisal, employee coaching, training, development, and performance management.
• Communication Skills :
• Excellent written and verbal communication skills.
• Proven ability to translate security and risk concepts to all levels of the business in both technical and non-technical terms.
• Relationship Management :
• Ability to develop and maintain effective working relationships with a variety of stakeholders.
14 days ago