Information Security Architect
Please find the Job description below
Summary of the position:
One of our many customer(s) today is urgently looking for an experienced Information Security Architect
Here are some of the specific details:
Information Security Architect - 6 Months - San Francisco, CA - Remote
• Bachelor’s degree in Computer Science, Information Systems, Computer Engineering, Cybersecurity, Systems Analysis or a related field or equivalent work experience
• Typically has 2+ years of experience with all aspects of a project from design through development, testing, implementation, and production with extensive technical breadth through experience in the IT industry
• Requires working knowledge of more than one design method and at least one discipline that is considered to be at the level of a subject matter expert
• Requires an understanding of the business processes of the Clients in which he works
• Requires an ability to lead others
• Experience with secure application architecture, application intrusion and vulnerability penetration testing, secure coding practices, J2EE/.NET/Web Services Architecture and code review
• Experience in identifying and validating application vulnerabilities at both an architectural and source code level
• Knowledge of information security best practices, regulatory concerns and security standards
• Requires certified training in security management, risk and compliance solutions and practices.
• Works closely with other functional area architects and security specialists to ensure adequate security solutions are in place throughout all systems and platforms to mitigate identified risks and to meet business objectives and regulatory requirements
• Evaluates and develops secure solutions, based on approved security architectures
• Analyses gaps between current and target security architecture and develops and implements roadmaps and plans to close gaps
• Performs security design/architecture reviews and code reviews of large applications, systems and networks
• Analyzes business impact and exposure, based on emerging security threats, vulnerabilities and risks
• Consults on various projects regarding secure design standards and security information management
• Researches, designs and advocates new technologies, architectures, and security products
• Communicates security risks and solutions to business partners and IT staff
• Coordinates with DevOps teams to advocate secure coding practices
• Validates security configurations and access to security infrastructure tools, including firewalls, IPSs, WAFs and anti-malware/endpoint protection systems Complexity
• Develops, maintains and governs the architecture for multiple projects
• Viewed as an expert and provides knowledge and counsel to others
• Works on highly complex projects that require in-depth knowledge of one or more specialized architecture areas such as security, applications, information, solution and business
We are looking for a bright, eager, disciplined individual who is interested in DevSecOps, has some of the required background and has shown the capacity to learn quickly.
• Familiarity with API Security, Container Security, AWS Cloud Security
• Experience with secure coding practices and implementing DevSecOps practices Evidence of mature and effective communication skills
• Familiarity with the InfoSec Frameworks/Standards (i.e. CIS, NIST, MITRE, OWASP etc)
• Knowledge of security issues relevant to applications
• Knowledge of security issues related to the migration of software workloads to cloud
• Ability to review and analyze vulnerability data to identify security risks to the organization's infrastructure and applications
• Knowledge of AWS or Azure security controls General background in information security is a plus
Harvey Nash is a national, full-service talent management firm specializing in technology positions. Our company was founded with a mission to serve as the talent partner of choice for the information technology industry.
Our company vision has led us to incredible growth and success in a relatively short period of time and continues to guide us today. We are committed to operating with the highest possible standards of honesty, integrity, and a passionate commitment to our clients, consultants, and employees.
Utilizing our proprietary Predictive Staffing model, our company has enjoyed more than a decade of rapid growth, earning our reputation as a client-focused, efficient provider across a broad range of industries. Today, we serve top Fortune 1000 and successful privately held companies all over the country, still operating under the simple idea that great people aligned under a common vision can achieve tremendous results.
We are part of Harvey Nash Group, a global professional services organization with over forty offices worldwide.
For more information, please visit us at https://www.harveynashusa.com/