Security Architect

This position is responsible for reviewing and driving technology plans to align with enterprise goals, business plans and business processes. This requires superior knowledge working with security solutions for network security (Palo Alto Networks, McAfee IDS/IPS, Lancope StealthWatch), Endpoint Security (McAfee ePO, Symantec DLP), Vulnerability Management (McAfee MVM, Qualys, or Tenable Security Center) and application security (OWASP).  Additional responsibilities include technical leadership, mentoring other team members, and leading projects. 

Responsibilities:

• Stays abreast of emerging technologies and market trends and makes recommendations to align with the business' strategic initiatives.  Develops and maintains the technology roadmaps that drive innovation within the organization. 
• Translates business requirements into technical designs that ensures availability, stability, scalability, security, and recoverablity.  Accountable for the quality of the implemented solutions.  Works with business partners to ensure design meets desired outcomes. 
• Provides oversight for the development of prototypes and setting technology direction.
• Defines and promotes processes, policies, standards and procedures to assure compliance with corporate and regulatory policies. Responsible for creating deliverables that are consistent with defined architecture principles, standards, methodologies and best practices. 
• Develops and maintains artifacts in the Architecture Library. 
• Governs the introduction of new technologies.  Reviews, aligns, and drives technology plans with enterprise goals, business plans and business processes. 

Skills and Requirements:

• Superior knowledge and experience working with security solutions for network security (Palo Alto Networks, McAfee IDS/IPS, Lancope StealthWatch), Endpoint Security (McAfee ePO, Symantec DLP), and Vulnerability Management (McAfee MVM, Qualys, or Tenable Security Center).
• Superior knowledge of application design methodologies and ability to drive security maturity within the software development lifecycle.  Experience with third party application security scanning solutions (WhiteHat Sentinel, IBM Rational AppScan, HP WebInspect) and security code review capabilites (HP Fortify).
• Superior knowledge in various information security areas, such as: Identity and Access Management, Threat and Vulnerability Management, Information Risk and Governance, IT architecture, Monitoring, Incident Response and Security Strategy.
• Must have knowledge and stay up to date on the latest security and privacy legislation, regulations, advisories, alerts and vulnerabilities.
• Superior knowledge of data security architecture, data classification, and policy writing.
• Superior understanding of application vulnerabilities and remediation strategies leveraging industry best practices from enties such as OWASP.
• Knowledge and familiarity with compliance frameworks such as Sarbanes-Oxley, PCI, or ISO.
• Superior communication skills, both written and verbal. 
• Ability to work independently, work in a fast paced environment, and manage workload prioritization to deliver high quality work products on time with minimal direction.
• Demonstrated collaboration skills with the ability to handle conflict and to work with a distributed team.
• Superior critical thinking skills with the ability to develop completely new problem-solving approaches and formulate innovative solutions.
• Bachelor's Degree in computer science or related field, or equivalent education and work experience.
• Minimum 10 years of Information Security experience.
• Experience with software development lifecycle (SDLC) methodology.