Information Security Architect

Responsibilities:
• Ensure the confidentiality, integrity and availability of information by communicating risk.
• Create and maintain enforceable policies supporting processes.
• Ensure compliance with regulatory requirements.
• Coordinate security-related activities with the client departments. Activities include the evaluation, procurement and deployment of security-related products and the development and coordination of security awareness, disaster recovery and incident response plans.
• Be responsible for the translation and construction of complex security problems into sound technical solutions.
• Provide technical, security and architectural direction to technology/business teams.
• Ensure that development efforts are adhering to established security, design, and compliance standards/requirements.
• Provide insight and guidance on overall secure system design.
• Be responsible for secure infrastructure and application architectures.
• Document, maintain and communicate security architectural requirements.
• Monitor emerging technologies for potential impacts to operations and long-term strategy.
• Identify potential areas of compliance vulnerability and risk; direct the development and implementation of corrective action plans for resolution of identified issues.
• Ensure adherence to legal standards regarding information security compliance; implementing and following industry standards and best practices for security compliance; and developing reliable, efficient and effective project development processes.
• Provide strategic and tactical advice to address existing and evolving security threats.

Required knowledge, skills and abilities include:
• A minimum of 10 years of experience within information technology
• A minimum of 10 years of experience in information security or cyber security; with at least 5 years of exposure to various security frameworks, preferably NIST
• 5 years of managerial, team leadership or supervisory experience in large, matrixed organizations
• Extensive experience with policies/procedures, application design, information analysis and reporting, networking and systems integration, security control, audits, risk analysis and disaster recovery
• Ability to supervise staff including performance appraisal, employee coaching, training, development and performance management
• Excellent written and verbal communication skills, with a proven ability to translate security and risk to all levels of the business in technical and non-technical terms
• Ability to develop and maintain effective working relationships with a variety of stakeholders