- Strong conceptual thinking and communication skills - the ability to translate complex business and technical requirements into effective and comprehensible solutions.
- Contributes to the development and maintenance of the information security strategy.
- Works closely with enterprise architects, other functional area architects and security specialists to ensure adequate security solutions are in place throughout all IT systems and platforms to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements.
- Serves as a security expert in application development (including dev/sec/ops), database design, network and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices.
- Researches, designs and advocates new technologies, architectures, and security products supporting security requirements for the enterprise and its customers, business partners and vendors.
- Executes projects as project leader, and lead engineer.
- Analyzes business impact and exposure, based on emerging security threats, vulnerabilities and risks.
- Identifies regulatory, governance, and policy gaps and proposes relevant solutions.
- Bachelor's or master's degree in computer science, information systems or other related field, or equivalent work experience.
- Professional security management certification, such as a ISC(2) Certified Information Systems Security Professional (CISSP), SANS GIAC Information Security Professional (GISP), GIAC-Security Expert (GSE), or GIAC Certified Enterprise Defender (GCED)
- 5 to 10 years of experience required in the following:
- o Extensive expertise in NIST and ISO 27000 security practice frameworks.
- o Extensive hands-on experience with security infrastructures (e.g. Firewalls, IDS/IPS, VPN, Web Content Filters, Proxies, DLP, SIEM, Log aggregation correlation technologies - both traditional and cloud based
- o Extensive hands-on experience operating one or more common IT infrastructures (Telecom, database, Windows and *NIX server systems, virtualization platforms, Azure Cloud IaaS)
- o Proficiency with scripting/programming languages (e.g. Python, Ruby, Powershell)
- o Demonstrable expertise with configuration automation practices and toolchains (e.g. Chef, Puppet, Ansible, etc…)
- o Expertise with enterprise identity and namespace services (e.g. Active Directory, LDAP, DNS, Oauth, SAML)
- o Expertise with enterprise certificate management and PKI services.
- o Familiarity with international data privacy and U.S. regulations and bestvpractices.
- o Familiarity with security-specific architecture methodology (e.g. SABSA).
- o Familiarity with a relevant enterprise architecture methodology (e.g. Zachman Framework, TOGAF).
- o Demonstrable experience creating, securing and managing Cloud infrastructures (e.g. Microsoft Azure)
- Excellent communication skills.
