Position: Information Security Architect
Duration: 12 months
Location: Hybrid (Boston, MA)
Hours needed per week: 40
Responsibilities:
- Risk Communication: Ensure the confidentiality, integrity, and availability of information by effectively communicating risk to stakeholders.
- Policy Creation and Maintenance: Develop and uphold enforceable policies that support key processes and ensure organizational security.
- Regulatory Compliance: Ensure compliance with all relevant regulatory requirements and standards.
- Coordination of Security Activities: Collaborate with client departments to evaluate, procure, and deploy security-related products, and to develop and coordinate security awareness, disaster recovery, and incident response plans.
- Technical Solutions: Translate complex security problems into sound technical solutions, providing clear direction and support.
- Technical Guidance: Offer technical, security, and architectural direction to both technology and business teams.
- Adherence to Standards: Ensure development efforts comply with established security, design, and compliance standards and requirements.
- Secure System Design: Provide insight and guidance on the overall design of secure systems.
- Infrastructure and Application Security: Oversee the secure architecture of infrastructure and applications.
- Documentation and Communication: Document, maintain, and communicate security architectural requirements.
- Monitoring Technologies: Stay informed about emerging technologies and assess their potential impacts on operations and long-term strategy.
- Compliance Vulnerability: Identify potential compliance vulnerabilities and risks, and direct the development and implementation of corrective action plans.
- Legal and Industry Standards: Ensure adherence to legal standards regarding information security compliance and implement industry best practices for security.
- Strategic and Tactical Advice: Provide strategic and tactical advice to address existing and evolving security threats.
Required Knowledge, Skills, and Abilities:
- Experience:
  - Minimum of 10 years in information technology.
  - Minimum of 10 years in information security or cybersecurity, with at least 5 years of exposure to various security frameworks, preferably NIST.
  - 5 years of managerial, team leadership, or supervisory experience in large, matrixed organizations.
- Technical Expertise:
  - Extensive experience with policies/procedures, application design, information analysis and reporting, networking and systems integration, security control, audits, risk analysis, and disaster recovery.
- Leadership Skills:
  - Ability to supervise staff, including performance appraisal, employee coaching, training, development, and performance management.
- Communication Skills:
  - Excellent written and verbal communication skills.
  - Proven ability to translate security and risk concepts to all levels of the business in both technical and non-technical terms.
- Relationship Management:
  - Ability to develop and maintain effective working relationships with a variety of stakeholders.