Senior IT Security Architect

A financial firm is looking for a Senior IT Security Architect to join their team in Iselin, NJ.

Compensation: $200-210k

Responsibilities:

· Work with Enterprise Architecture in the effective delivery of solutions

· Knowledge of all key areas of Information Security Technology and an ability to apply them appropriately

· Work with other Security Architects to build security into infrastructure and architecture designs

· Provide direction and advice on projects related to security portfolio to strengthen the overall cybersecurity posture

· Assess SaaS and IaaS cloud services and virtualization technologies and provide direction and input for the maturation of the Cloud Security Framework where necessary

· Foster relationships with key functional teams such as IT, Compliance, Operations, Finance, HR, Internal Audit, and Enterprise Risk to support current and future initiatives

· Keep informed of new and updated industry frameworks and regulations: GDPR, ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI ISOCO and FFIEC handbook, SABSA

· Keep informed of new and emerging security threats & assess effectiveness of current controls to identify opportunities for program improvement

· Engage with stakeholders across the organisation to develop relationships and the brand of Security Architecture

· Interface with program and project managers to ensure appropriate security architecture engagement as necessary

· Develop a strong interlock with the other security functions to support transition of projects into operation with effective governance

· Ensure appropriate quality of security architecture artefacts, engagement and managing escalations should they arise

· Ensure appropriate interlock and attestation against security controls where appropriate

· Maintain engagement with Security Engineering and Operations for the management of vulnerabilities, risks and remediation methods

· Assure compliance with security controls to identify control gaps, develop remediation plans and determine residual risk

Qualifications:

· 5+ years security architecture expertise with broad understanding of multiple security domains

· Ability to collaborate effectively with others to drive forward key security objectives

· Strong documentation and report writing skills (to both technical and business audiences)

· Knowledge of policy frameworks and understanding of policies, procedures, guideline structure

· Knowledge of firewalls, IPS, DLP, proxies, SEIM, & endpoint protection software

· Degree in a technology discipline (Computer Science, Information Management, Computer Engineering, Cybersecurity or equivalent)

· Security certifications such as CISSP, CISA, CRISC, SABSA, GIAC, CCSP, CCSK or equivalent is preferred

· Knowledge of Risk Management life cycles based on an established framework: ISO 27001, SANS, NIST SP 800-53

· Working knowledge of the following frameworks and regulations: ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, and FFIEC handbook, Cloud Security Alliance CCM

· Excellent verbal, written and interpersonal communication skills

· Strong service-oriented mindset to consistently deliver balanced security solutions that include people, process and technology

· Ability to effectively communicate complex technical issues to both business and technical staff at all levels

· Strong collaboration skills to tackle complex security challenges that may span across multiple internal and external departments and groups

24-02886