14 days old

Lead Security Architect

Des Plaines, IL 60018
  • Job Code
    579895

GENERAL POSITION SUMMARY


The Central Technology Services (CTS) Lead Information Security Architect is a member of the Information Security Services team and secures enterprise information by determining security requirements; planning, implementing, and testing security systems and controls; preparing security standards, policies, and procedures; and mentoring team members.


Responsible for the implementation, configuration, and on-going administration of all information security tools and solutions. The Lead Information Security Architect partners with stakeholders across the organization to securely achieve the functional requirements of business initiatives. The Lead Information Security Architect is the technical authority on information security architecture within organization.


ROLES AND RESPONSIBILITIES


Works with business units and with other risk functions to identify security requirements using methods that may include risk and business impact assessments. Components of this activity include but are not limited to:



  • Researches, evaluates, designs, tests, recommends and plans the implementation of new or updated information security technologies.
  • Develops a common set of security tools; defines operational parameters for their use, and conducts reviews of tool output.
  • Develops and validates baseline security configurations for operating systems, applications, and networking and telecommunications equipment.
  • Conduct reviews of the security posture of third party vendors, service providers, and partners.
  • Conduct system security and vulnerability analyses and risk assessments; recommend appropriate architectures/platforms; identify integration issues with internal and external systems.
  • Maintain security by monitoring and ensuring compliance to standards, policies, and procedures.
  • Upgrade security posture by monitoring the environment; identifying security gaps; evaluating and implementing enhancements.
  • Prepare system security reports through collection, analysis, and summarizing data and trends.
  • Respond to and investigate malware and intrusions. Conduct forensics when required.
  • Partner with teams across the company to build and design security into their systems.
  • Monitor and define events for Security Incident Event Management.
  • Reports to CTS management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance.
  • Collaborates on critical IT projects to ensure that security issues are addressed throughout the project life cycle.
  • Advises and promotes to system administrators the implementation of server and desktop hardening best practices.
  • Participate in solution architecture design; lead security efforts assisting with the integration and initial implementation of solutions.
  • Understand current as well as emerging security threats and design security architecture to mitigate threats where possible.
  • Assists in the development of security architecture and security policies, principles and standards
  • Participates in the enterprise architecture (EA) community, and provides strategic guidance during the EA process.
  • Provides guidance for security activities in the system development life cycle (SDLC) and application development efforts; participates in organizational projects as required.


QUALIFICATIONS & EXPERIENCE


Required Qualifications



  • Minimum of 5 years of hands-on technical information security experience; network security design, integration and operation experience.
  • Bachelor's Degree in Computer Science and at least 10 years of experience in IT.
  • One or more relevant industry certifications (CISSP, CISM, CISA)
  • Expert understanding and experience creating and enforcing controls based on industry standard security and control frameworks including CIS, NIST, COBIT 5, ISO 27002.
  • Experience with Network and Computer Forensics, Malware Analysis
  • Proficient at Security Analysis, including the following domains:


    • Formal Threat Modeling
    • Knowledge of Web Application Risks and Fundamentals
    • Gap Assessment
    • Compensating Mitigations

  • Experience communicating and presenting both verbally and in writing to various audiences, including committees, large groups, senior management, and executive leadership.
  • Proven experience in managing IT projects.
  • Advanced knowledge of information security principles and practices, including any of the following: security risk assessment standards, risk assessment methodologies, and vulnerability assessment.
  • Understanding of Operating Systems, Business Applications and data flow dependencies between applications
  • Proficiency with scripting: bash, PowerShell, Python, Ruby, or Perl.
  • Extensive experience managing Windows security, mobile device and endpoint security; experience and knowledge managing security for Mac OS X and Linux systems

Categories

  • Information Technology

Randstad utilizes a technology-driven focus with a human touch to provide better staffing and business solutions to organizations around the world. Our team of experts match professionals with available career opportunities in a variety of fields.

Featured Jobs

Career News

Share this job:

Lead Security Architect

Randstad Technologies
Des Plaines, IL 60018

Share this job

Lead Security Architect

Randstad Technologies
Des Plaines, IL
US

Separate email addresses with commas

Enter valid email address for sender.

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast