Job Description :
Position Description:

The Information Security Architect position focuses on supporting business projects and providing solution architecture. The successful candidate will partner with application owners and delivery managers to design security and privacy controls.


Roles & Responsibilities:

The position is 80% security architecture / technical leadership, and 20% research and development. The individual partners with product managers and solution architects to set the security direction of offerings and articulates the value proposition. Also, the position provides guidance to Line of Business CIOs and is the final approver of information security controls on projects.

Guides businesses to leverage common information security patterns
Partners with subject matter experts to improve information security patterns and services
Ability to work with leaders and team members at all levels and across functional lines
Demonstrated experience establishing and maintaining effective working relationships
Strong analytical skills and the ability to think strategically
Critical thinking skills and does not hesitate to question status quo
Self-starter with a passion for providing value to organizations

Required Qualifications:
2+ years of information technology systems design and planning experience; in systems, applications, or architecture
3+ years of information security experience
5+ years of experience delivering technology solutions in large-scale complex organizations

Desired Qualifications:
Experience with a broad range of mobile and wed application design, development, and management principles, practices, and procedures
Experience influencing management on technical and business solutions
Excellent verbal, written, and interpersonal communication skills
Knowledge and understanding of data protection technologies and practices
Knowledge and understanding of threat analysis and assessment of potential and current information security risk/threats
Knowledge and understanding of application or software security such as: dynamic application security testing, secure code review, and secure static code analysis
Knowledge and understanding of cryptography and key management
Knowledge and understanding of service-oriented architecture and associated security controls
Knowledge and understanding of enterprise authentication and authorization technologies such as LDAP, SAML, XACML, and reverse authenticating proxies.
General understanding of diverse platforms and operating systems, including current and emerging technologies
Certified Information Systems Security Professional (CISSP)

Additional Desired Qualifications:
3+ years of experience in architecture, governance, risk management, PCI DSS control governance, application security, encryption, key management, and identity and access management
Experience architecting applications for financial services business