Information Security Architect Job Description Template
Our company is looking for a Information Security Architect to join our team.
Responsibilities:
- Communicate progress, findings, and ensure succesfull handoff of deliverables to program and operational teams;
- Support development of security architectures, roadmaps, and requirements for key Verizon systems;
- Provide thought leadership by participating in network and security forumsand collaborating with academic and research institutions;
- Develop security architectures, roadmaps, and requirements for asset-management-specific security systems;
- Build domain knowledge of Verizon’s environment to understand long-term risk areas that will develop as the systems evolve;
- Define objectives, technical work, and timeline for developing asset-management security architectures, roadmaps, and requirements;
- Research and assess new information security threats and recommend remedial actions;
- Evaluate security controls employed by Cloud service and other third party providers to ensure information assets are adequately protected;
- Research, evaluate, design, test, recommend and plan the implementation of new or updated information security technologies;
- Incorporate industry security standards into practical security operations, network operations, and application development practices;
- Contributes to the development and maintenance of the information security strategy;
- Executes projects as project leader, and lead engineer;
- Work with governance stakeholders to establish best practices for AWS IAM, system permissions, single-sign-on, etc;
- Analyzes business impact and exposure, based on emerging security threats, vulnerabilities and risks;
- Edit and maintain policy documentation related to InfoSec, Risk Management, and Incident Response.
Requirements:
- Expertise with enterprise identity and namespace services (e.g. Active Directory, LDAP, DNS, Oauth, SAML);
- Knowledge of Ethereum and Bitcoin blockchains a plus;
- Strong communication skills and a collaborative approach;
- Bachelor’s or master’s degree in computer science, information systems or other related field, or equivalent work experience;
- Familiarity with a relevant enterprise architecture methodology (e.g. Zachman Framework, TOGAF);
- Proven implementation of creative technology solutions that advance the business;
- Familiarity with international data privacy and U.S. regulations and bestvpractices;
- Expertise with enterprise certificate management and PKI services;
- Experience with information security policy design;
- 5 to 10 years of experience required in the following: Extensive expertise in NIST and ISO 27000 security practice frameworks;
- Experience with other cloud infrastructure a plus;
- Demonstrable experience creating, securing and managing Cloud infrastructures (e.g. Microsoft Azure);
- Experience in mapping standards such as ISO27K, PCI DSS, NIST, SANS Critical Controls, SOC for cybersecurity, etc. into organizational standards;
- Demonstrable expertise with configuration automation practices and toolchains (e.g. Chef, Puppet, Ansible, etc…);
- Experience with cryptography is a plus.