Information Security Infrastructure Architect

*We are unable to sponsor for this permanent Full time role*

*Position is bonus eligible*

Prestigious Enterprise Company is currently seeking an Information Security Infrastructure Architect. Candidate will be responsible for working with our organization's Technology team, project teams and Information Security Operational Line teams. Candidate will architect and design secure infrastructure, business systems and overall solutions for IaaS, PaaS, and SaaS.

Responsibilities:

• Function as the team's Infrastructure subject matter expert (SME)
• Collect, interpret, evaluate, and validate business requirements, functions and processes associated with assigned projects
• Work with the Project Team's solution architects and technical team members to develop security solution architectures that are in compliance with the organization's InfoSec policies, standards, non-functional requirements, reference architectures and patterns
• Identify security risks and provide recommendations, solutions, and options to best mitigate those risks
• Have a thorough understanding of industry standard InfoSec control frameworks such as ISO 27001/27002, NIST, and CIS
• The ISA Tech Lead shall understand the concepts and practical application of the following foundational security architecture, design and operational principles and practices across the technology stack:
• Identity and Access Management, Network Security, Server and Client Endpoint Security, Data Security, Cryptography, Application Security, Mobile device security and Vulnerability Management.
• Able to translate the foundational security architecture, design and operational principles and practices above to cloud environments
• Cloud Security (IaaS, PaaS, and SaaS) across cloud platforms such as AWS (must have), Google (desired) and Azure (nice-to-have)
• This role provides oversight, consultation, advisory, controls design, compliance framework adherence and patterns documentation to the benefit of IT and the businesses.

Qualifications:

• 8-10 years of information technology experience, preferably within the financial services and/or mortgage industry
• BA/BS degree in Computer Science, Information Systems or a related technical field, or the equivalent combination of education and experience
• 4 years of experience as an Information Security Professional, preferably within the architecture or engineering practices
• 3 years of experience as an InfoSec Solutions Architect
• 1-2 years of experience in the application of Information Security Architecture in a cloud environment (Amazon Web Services is a must)
• Technical, working knowledge including:
• Agile project methodologies
• Active Directory Federation Services and other federated technologies (Ping, Okta )
• Virtual Machines (OSP, VMWare, AWS AMI )
• Application vulnerability scanning
• SDLC
• Pipeline automation security
• Containerization
• Next Generation Firewalls
• External Secure Web Gateways and CASBs
• Network and Host-based IDS/IPS
• CISSP (+ ISSAP), CCSP - preferred
• AWS Certified Solutions Architect (Associated, Professional) - preferred
• Google Professional Cloud Architect - preferred
• SABSA (F1 & F2 minimum) are a plus