NO SPONSORSHIP - C

Security Engineering/Architect - Controls

Rate: Open C2C

LOCATION: Remote if in: IL, TX, FL, GA, MA, MD, MN, NC, NJ, NY, DC, WI

Looking for a candidate with security architecture, security controls, cloud on premise design implementation. Application security control implementation, control validation adversarial testing windows services end users NIST CSF FFIEC OWASP IAM network access control PKI Firewalls IPS AWS COBIT NIST NIST CSF ISO experience working with regulatory frameworks SCI CFTC 99.18 etc.

Description:

This position will support the Security Architecture team responsible for architecture of the security controls environment in the cloud and on-premise and ensuring that security requirements are met in systems design and implementation. This individual will work with the Security Architecture team to problem solve, define requirements and scope for application security, Control implementation, control validation and adversarial testing. The position will include extensive interaction with IT, Security Engineering, Security Assurance, EPMO, Windows services, and end-users for the duration of the engagement.

• Conduct architectural Security control validation testing processes
• Define security requirements aligned with current threat intelligence and industry standards such as the NIST CSF, CSA, FFIEC, OWASP
• Review current system security measures and recommending and implementing enhancements.
• Conduct market surveys of security tooling to identify potential replacements or upgrades to enhance security and resilience
• Partnering with IT department to design and implement effective Embedded security capabilities
• Drive the maturation and automation of Security information dissemination and oversight processes
• Support Security Assurance in assessing the effectiveness of planned remediations for identified security defects
• Produce reporting and documentation artifacts for leadership and staff relating to security related activities
• Ensure alignment of security controls and supporting services and related policies and procedures with applicable regulations and industry standard best practices
• Assists Security Analysts, transferring technical and risk management knowledge
• Assist in project planning, program development, and process formalization.
• Perform other duties as assigned

SKILL AND EXPERIENCE REQUIRED:

• Bachelor degree in Computer Science, Management Information Systems, Statistics & Quantitative Modeling, Mathematics a plus or the equivalent combination of education and/or relevant experience.
• 10 years hands-on Information Security architecture or engineering
• Experience with design and specification of security control technologies such as IAM, Network Access Controls, PKI, Firewalls, IPS
• Experience with AWS and cloud-native tools desired; training provided as needed.
• Advanced understanding of information related frameworks and standards such as COBIT, NIST 800-53, NIST CSF, ISO etc.
• Experience in security risk management principles and practices.
• Experience in working with regulatory frameworks and requirements relevant to OCC such as, Reg SCI, CFTC 99.18, etc.
• Professional security certifications a plus (ie, AWS, CSA, GIAC, CISSP, CISA, CISM, CRISC)