Security Architect

Job description: Security Architect

Tasks

• Development and implementation of threat modeling frameworks to proactively identify security risks in business applications, infrastructure and business processes
• Identifying potential security risks within the company, assessing their impact and proposing appropriate risk mitigation measures
• Understanding how security incidents could impact business operations and prioritizing security measures based on their criticality
• Contributing to the Security Incident Response Team and communicating incidents to senior management in IT and cyber risk management
• Assist in monitoring and evaluating the effectiveness of the organization's information security arrangements to ensure that they provide the intended protection
• Executing complex initiatives involving multiple disciplines and/or ambiguous problems
• Present a balanced, cross-functional perspective that aligns the business with the need to improve efficiency, effectiveness and productivity
• Help establish the organization's overall information security architecture by aligning business processes, IT software and hardware, local and wide area networks, people, operations and projects with the organization's overall security strategy
• Evaluate proposals to determine whether proposed security solutions effectively meet business needs
• Identify alternative functional security strategies to address organizational IT security concerns
• Interpretation and/or approval of security requirements with regard to the capabilities of new information technologies
• Leading and aligning IT security priorities with the company's mission and vision
• Manage the monitoring of external threat intelligence data sources to maintain the organization's situational awareness

Requirements

Knowledge

• Knowledge of information security principles
• Knowledge of incident response and handling methods
• Knowledge of industry-standard and organization-wide accepted analysis principles and methods
• Knowledge of intrusion detection methods and techniques for detecting host- and network-based intrusions using intrusion detection technologies
• Knowledge of network architecture concepts, including topology, protocols and components
• Knowledge of network management principles, models and tools
• Knowledge of server and/or operating systems
• Knowledge of system administration concepts for Unix/Linux and/or Windows operating systems
• Knowledge of what constitutes a threat to a network
• Knowledge of information security program management and project management principles and techniques

Experience

• A university degree and/or relevant, proven professional experience in the field of information security is required
• An industry certification such as CISSP, CISM, CISA, GIAC is preferred

We offer

• A comprehensive benefits package, including retirement benefits (401k and pension), health and welfare benefits (health insurance, dental insurance, vision insurance, spending accounts and disability insurance), paid vacation, parental and dependent care leave, life and accident insurance, and other voluntary and wellness benefits
• A discretionary bonus program that may include an equity component
• A flexible and collaborative work culture in an organization where financial strength and stability are assets that encourage us to explore new ideas
• Movement within the organization is encouraged, high-level leadership is accessible, and you can take pride in working for a company that is committed to supporting the communities we serve