Randstad Security Architect in San Antonio, Texas
San Antonio, TX
Friday, October 7, 2016
A client of ours in San Antonio, Texas is looking for a Security Architect for a 9 month possible contract to hire opportunity. Qualified candidates will have the following qualifications:
This position is responsible for providing subject matter expertise in information security assessments, designs, and solutions across the organization. The individual will work as a member of Security Design, Threat and Vulnerability Management functional group within the Information Security team, and balance business priorities, information security risks, and best practice security architecture to ensure confidentiality, integrity, and availability of business critical IT and data assets. Additionally, the successful candidate will be a key consultant who will facilitate discussions with key stakeholders in large workshops, small groups or one-on-one sessions while driving adoption of information security practices, standards, and processes throughout the enterprise.
We seek a Security Architect who has worked in a similar capacity where you have focused on the security elements of enterprise systems covering application, cloud, endpoint, platform, network, and data security domains. The successful candidate will ideally have worked in a security architecture capacity within a large business environment, and on multi-million dollar transformational IT projects.
Research, design and advocate new technologies, architectures, and security products that will support business security requirements for the enterprise and its third-party service providers.
Evaluate existing security capabilities to understand needs with a view to translating those needs into additional capabilities verified to meet business requirements
Serve as an information security advisor to other subject matter experts and key business stakeholders, establishing trust relationships through active engagement and powerful collaboration
Support the development of security strategy, roadmaps, patterns, and reference architectures
Drive the development and design of best practices, standards, and processes to ensure optimal protection of cloud-based and on-premise company assets
Architect and design information security solutions to meet business objectives and align to the adopted enterprise security framework
Conduct threat and vulnerability assessments to determine security requirements and controls following assessment of the potential business impact of security breach.
Collaborate with enterprise architects, IT leads and business process partners to ensure adequate security solutions are in place for all IT systems and platforms to sufficiently mitigate identified risks and meet business objectives.
Govern security design and architecture during project delivery by enforcing the use of established standards and evolving solutions and patterns
Provide security design, consultancy, and assessment services whilst introducing improvements in technical security standards and security implementation designs/patterns
Develop, review, improve, and drive adoption of security policies, best practices, and technical security standard
Maintain oversight of the design, implementation and testing of IT systems to ensure appropriate and effective security controls are built in from the start
Minimum of Bachelor s degree in Information Technology, Computer Science or related field of study required.
At least one professional information security certification required
CISSP, CCSP, CISM, SANS GIAC
Minimum 12 years progressive experience in multiple information technology areas preferred
Minimum 8 years experience in information security required
Minimum 4 years in significant security design and/or architecture role(s) with a broad exposure to infrastructure/network and multiplatform environments preferred
Experience designing and implementing information security programs and/or controls in a private sector enterprise environment is required
Sound decision making skills with exceptional ability to strike the right balance between security requirements and strategic business objectives is preferred
Deep understanding of (and experience with) security technologies across multiple cyber security domains namely; identity & access management, network security, data loss prevention, SAP security, cryptography, host security, cloud security, and security events management - at least 2 of these domains is required
Demonstrated ability to identify security requirements and validate implementation of applicable controls into a robust architecture that sufficiently repels most malicious attacks is preferred;
Strong analytical and conceptual skills balanced by broad perspective on how security efforts support realization of business goals is preferred;
Demonstrated experience in developing security designs within complex IT environments is required;
Demonstrated experience in understanding security risks, identifying control gaps and advising senior management and relevant business stakeholders on the most effective mitigation options is required;
Demonstrated experience in developing and implementing security strategies and roadmaps, and working across boundary to improve organizational security posture is preferred;
Working knowledge of - or formal training in the usage of - relevant enterprise architecture framework (Jericho Forum/The Open Group, TOGAF, SABSA, etc.) is preferred;
Working knowledge of security frameworks and industry best practices such as NIST, SANS, ISF, ISO 27001 and COBIT is required;
Ability to thoroughly review technical design components to ensure alignment with security policies, standards and best practices is preferred;
Strong knowledge and understanding of current and emerging cyber security threats, vulnerabilities, trends and mitigations ranging across the technologies required to provide layered defense is required;
Excellent understanding of key information security terms, tenets and models is required;
Must be able to represent cyber security viewpoint through excellent communication skills to both technical and non-technical audience;
Strong interpersonal skills and positive attitude required to interface with all levels within the organization is a must