Lead Information Security Architect

Lead Information Security Architect

Salary: $125k-$145k + Bonus

Location: Plano, TX

*We are unable to provide sponsorship for this role*

*Bonus Eligible*

A prestigious Fortune 500 company is seeking an Information Security Architect that will architect and design secure infrastructure, business systems and overall solutions for IaaS, PaaS, and SaaS.

Qualifications

• 8-10 years of information technology experience, preferably within the financial services and/or mortgage industry
• BA/BS degree in Computer Science, Information Systems or a related technical field, or the equivalent combination of education and experience
• 4 years of experience as an Information Security Professional, preferably within the architecture or engineering practices
• 3 years of experience as an InfoSec Solutions Architect
• 1-2 years of experience in the application of Information Security Architecture in a cloud environment (Amazon Web Services is a must)
• Technical, working knowledge including:
  • Active Directory Federation Services and other federated technologies (Ping, Okta...)
  • Virtual Machines (OSP, VMWare, AWS AMI...)
  • Application vulnerability scanning
  • Pipeline automation security
  • Containerization
  • Next Generation Firewalls
  • External Secure Web Gateways and CASBs
  • Network and Host-based IDS/IPS

Preferred Certifications

• CISSP (+ ISSAP), CCSP
• AWS Certified Solutions Architect (Associated, Professional)
• Google Professional Cloud Architect
• SABSA (F1 & F2 minimum)

Responsibilities

• Function as the ISA Team's Infrastructure subject matter expert (SME)
• Collect, interpret, evaluate, and validate business requirements, functions and processes associated with assigned projects
• Work with the Project Team's solution architects and technical team members to develop security solution architectures that are in compliance with the organization's InfoSec policies, standards, non-functional requirements, reference architectures and patterns
• Identify security risks and provide recommendations, solutions, and options to best mitigate those risks
• Have a thorough understanding of industry standard InfoSec control frameworks such as ISO 27001/27002, NIST, and CIS
• The ISA Tech Lead shall understand the concepts and practical application of the following foundational security architecture, design and operational principles and practices across the technology stack:
• Identity and Access Management, Network Security, Server and Client Endpoint Security, Data Security, Cryptography, Application Security, Mobile device security and Vulnerability Management.
• Able to translate the foundational security architecture, design and operational principles and practices above to cloud environments
• Cloud Security (IaaS, PaaS, and SaaS) across cloud platforms such as AWS (must have), Google (desired) and Azure (nice-to-have)