Information Security Architect
Initially a 6 months daily rate contract
My client is looking for Information Security Architect who will be responsible for providing oversight, risk assessment and security architecture support and guidance to IT, IT Security and business teams for new system implementations and system change initiatives.
- Oversee IT Security risk assessments and evaluations of project and change initiative proposals and the proposed solutions’ ability to meet system and security requirements, recommending mitigating controls for identified limitations and risks
- Work closely with IT Security, business analysts, solution architects and project managers to ensure security requirements are effectively addressed in all phases of project lifecycles
- Review and contribute to the definition of functional and non-functional business requirements
- Evaluate as-is and to-be IT security risks and controls including leveraging industry standards and practices for designing the future state solutions.
- Participate in defining enterprise and application security controls and standards for production systems
- Assist in identifying and assessing risk as part of the overall IT Risk Management process
- Evaluate various technologies for suitable inclusion in IT solution designs
- Participate in the discovery, documentation and refinement of business requirements to ensure alignment with technically viable solution designs
- Participate in technical incident management and troubleshooting as needed
- Draft Information Security policies, standards and guidelines as required and review technical standards produced by IT and others
- Minimum 5+ years’ experience in Information Security and security architecture
- Deep understanding of the role of Information Security in IT risk management and controls
- Deep understanding of the role of IT Security software engineering and application development methodologies in a complex multi-project environment
- Experience in cloud and associated security technologies would be advantageous.
- Proven experience to review IT Security architectures for complex multi-component systems
- Demonstrated experience in reviewing conceptual, logical and physical IT security architecture deliverables
- Ability to research alternatives, make recommendations and influence decisions to reduce risk
- Ability to work collaboratively with individuals within both the technical community and senior leadership
- Relevant third level qualification or equivalent work experience
- Professional certifications in relevant domains such as CISSP, CISM, CRISC, CCSK, SANS GIAC.