Contact Us 877.823.3669

Security Architect (Principal Engineer, IT Security) in Boston, MA at SNI Technology

Date Posted: 9/12/2018

Job Snapshot

Job Description


I'm currently working with a very elite global technology client who is looking for a Security Architect to join their team in the Boston area.
Responsibilities

  • Proactively recommend and drive security enhancements to management.
  • Integrate with Peer groups and industry experts to measure our programs and results
  • Staff - monitoring, oversight, and administrative tasks
  • Oversee and recommend strategies to respond to and recover from a security breach
  • Educate the workforce on information security through training, newsletters, etc.
  • Implement and use software to protect organizations' sensitive information.
  • Participate in and manage Infrastructure portions of projects in coordination with Project Managers.
  • Work closely with application development teams to ensure secure coding standards/practices
  • Test security plans, products and control techniques
  • Coordinate and monitor vulnerability scans, application and network penetration testing, risk assessments, tabletop exercises
  • Work collaboratively with other technical teams to address system and application vulnerabilities.
  • Work with Internal Audit and other consultants as required
  • Engage and participate in industry peer groups.
  • Keep abreast of industry trends and best practices.
  • Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the organization.
  • Cross-department collaboration and communication to ensure appropriate security processes, procedures and tools are installed, monitored, and effectively operating and alerting.
  • Strategy, planning, and operational excellence through continuous improvement and automation.
  • Manages service levels, control effectiveness, control failure remediation, operational automation and oversight of information security team
  • Oversee the administration of all information security technology platforms, ensuring that technologies are optimally configured and maintained to provide maximum uptime and protection to the organizations' information systems.
  • Play a primary role in the selection of new information security technologies.
  • Conduct regular technical risk assessments/audits of systems and infrastructure.
  • Oversee and directly participate in the installation, configuration, and monitoring of new information security technologies.
  • Liaise with corporate compliance, audit, legal and HR management teams as required, including overseeing annual audits and reporting as required.
  • Develop, maintain and publish up-to-date security standards and guidelines, and oversee training and dissemination of security policies and practices.
  • Provide technical leadership for all information security platforms.
  • Serve as the escalation point for technical issues related to information security platforms.
  • Take a lead role in developing technical solutions and methodologies for information security programs, including, but not limited to; information security technologies, vulnerability management, vendor risk management and risk management.
  • Conduct regular technical risk assessments/audits of systems and infrastructure.
  • Engage proactively in risk management activities.
  • Assist in the development and knowledge transfer to IT team members, as well as other enterprise groups.
  • Promote a culture of information security across all business units.


Requirements

  • Bachelor's in Information Technology, Computer Science, Engineering or related field.
  • CISA, CISSP, CISSP-ISSEP or similar certification required. In-depth knowledge of applications, systems, network and data security, telecommunications, security operations, and associated hardware, software and protocols.
  • 10 + years of full time experience designing, architecting and implementing information security technology solutions.
  • 10+ years of full time experience in dedicated, technical information security roles.
  • Background in information technology in an area such as; networking, programming, database management or systems administration.
  • Strong knowledge of information security Principals and practices.
  • Experience with incident response and analysis, preferably in a leadership role.
  • Strong knowledge in the use of information security and networking tools such as; Wireshark.
  • Experience performing packet analysis.
  • Strong knowledge of security orchestration and automation technologies.
  • Strong knowledge of IDS/IPS, firewalls, proxies and other network security technologies.
  • Strong knowledge of host-based and advanced threat protection information security technologies.



Minimum Skills & Qualifications

  • CISSP
  • Outstanding written and verbal communication skills, with a high degree of professionalism and strict attention to detail
  • Analytical skills
  • Troubleshooting Proficiency
  • Advanced knowledge of PCI Security Standards
  • Risk Management skills
  • Methodical and meticulous work ethic
  • Proficient with industry wide security standards
  • Proficient with network and application security tools and best practices
  • Ability to process large amounts of information
  • Perform and manage log monitoring
  • Excellent verbal and written communication at all levels of the organization
  • Ability to lead an investigation and perform forensic analysis
  • Aggressively pursue risk mitigation strategies
  • Demonstrate cross functional team leadership
  • Develop and report appropriate metrics (key risk and performance indicators) to measure the monitoring program and related process.
  • Candidate should have broad technical knowledge on a number of security technologies and a solid understanding of information and networking security.
  • Soft skills such as the ability to build relationships, build consensus, negotiate solutions, and guide customers through their decision process are highly desirable.