Information Security Architect | Washington DC | Long Term

Hi Job Seekers,
Hope you are doing great!!
Currently, we have a job opening of Information Security Architect at Washington DC with our client. If you are interested or have resources then please reply me with your updated resume or please call me at 9088540421

Role: Information Security Architect
Location: Washington, DC, USA

Note: Client need Application Security side exp with PCI-DSS.
 
The successful candidate must have a detailed knowledge of security domains with a specialty in endpoint, network, application security and compliance.
They must be team oriented and have strong leadership ability. The role is customer facing of all network, security & compliance requirements and is responsible for determining the requirements through planning, implementing, and testing security systems. Reviews security standards, policies, and procedures as they pertain to changes in regulations and risk. This role required regular interaction with other teams to help integrate their business requirements into the planning and implementation of the security architecture. The candidate must be able to articulate their knowledge of security considerations both verbally and in writing, and have to work within budget and operational constraints to secure systems without destroying their efficiency.
Responsibilities
. Co-ordinate to develop security strategic plans and roadmaps based
on enterprise architecture best practices.
. Develop and maintain a security architecture process that enables
the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers.
. Works closely with IS teams including but not limited to
Architecture, Operations, Network, and Capacity Planning, to establish and operation solutions within the Information Security framework and in resolution of security impacting issues.
. Identify security design gaps in existing and proposed architectures
and recommend changes or enhancements
. Good hand-on experience in managing Security Operations, Security
incident response and creating awareness to the employees about security issues and practices.
. Supports, refines and documents the methodologies, information
security policies, standards processes, procedures and measurements used in support of information security as needed.
. Analyzes existing, new, and emerging technologies, and integration
in security framework.
. Develop and maintain a comprehensive project plan (roadmap) that at
a minimum identifies the tasks to be accomplished in the course of completing the requirements, defines project staff roles/responsibilities, and provides a detailed timeline for completion of tasks.
. Track all issues during the entire engagement, report out to the
Customer and work towards resolving them in co-ordination with the Customer.
. Provide guidance to Tier I /Tier 2 support on activities related to
Anti-malware, Vulnerability management, and threat management.
. Develop Application security program - Integrating automated testing
tools (Static Application Security Testing SAST, Dynamic Application Security Testing DAST, and other technologies as necessary into the overall SDLC process design; Evaluating and identifying gaps or missing security related tasks, activities, and making recommendations.
. Periodic access reviews - Ensuring all personnel have access to the
IT system limited by need and role.
. Vendor Management - Third party security risk, review and assess the
security risk and recommend mitigations and follow-up to closure.
. PCI / DSS - readiness: prepare documentation for audit review using
the updated templates.
. Promptly responding to all security incidents and providing thorough
post-event analyses.
. Change Management - Chair the change approval board (CAB), review,
identify the risks of the changes submitted by the infrastructure team and approve/reject them appropriately.
. Prepares security reports by collecting, analyzing, and summarizing
data and trends.
. The effort for the role is mentioned below :
o Strategize and design - 15%
o Project Management - 15%
o Security Operations / Incident Response - 15%
o Vendor Management / PCI-DSS - 10%
o Reporting - 20%
o Team Management - 15%
o Research - 10%
 
Key Technical Skills
 
. Experience in architecting, deploying and managing security tools
e.g.: vulnerability management, access management, log management, threat intelligence, pen testing, DLP automated code analysis, and antimalware;
. Have had exposure to new and emerging technologies such as CASB,
Cloud Proxy, MFA, cloud automation and management tools
. Familiarity with ITIL, ISO27001, OWASP, NIST/CIS best practices
. Familiarity with compliance requirements - PCI-DSS/HIPAA/ General
Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA).
. Project Management and follow up skills.
 
Qualifications
Minimum qualifications
. A degree in Information Technology, Computer Science or related
field is highly desirable.
. Advanced security qualifications such as CISM (Certified Information
Security Manager) or CISSP (Certified Information Systems Security
Professional) certifications.
. 7-10 years working experience of current IT risks, security
implementations, and computer operating and software programs.
 
Preferred qualifications
. Creates and maintains a working relationship with business units,
Infrastructure teams and other teams.
. Strong leadership skills and the ability to work effectively with
business managers, leadership, IT engineering and operations staff.
. Excellent written and verbal communication skills as well as
business acumen and a commercial outlook
. Strong inter-personal, analytical thinking, presentation and
communication skills essential
. Excellent positive customer relations skills
. Excellent organizational skills
. Excellent decision making skills
. Familiarity with ITIL process - Event/Incident/Problem/Change
Management processes
 
Thanks,
Saurabh Mishra | VBeyond Corporation
Direct Number 908-854-0421
Note: VBeyond is fully committed to Diversity and Equal Employment Opportunity.

Comments

Popular Posts