Information Security Architect

Assurant Miami, FL Closed
Assurant is looking for Information Security Architect in Miami, FL. This local job opportunity with ID 29762743 is live since 02/16/2019.
<p>The security architect position will provide guidance on the design, implementation and development of solutions for all aspects of information security. This role will have a very broad understanding of all aspects of security and technology including policies, standards and regulatory requirements. The solutions shall be designed to mitigate and/or reduce business exposure to information security risks. Risks may include, but not limited to, cyber security, information security, data loss prevention, intrusion prevention, and the availably of information systems. This role will lead virtual groups and projects.</p> <p> </p> <p><br /></p><p><b>Key Objectives:</b></p> <ul> <li>Implement solutions that comply with Employer Information Security Policies and Standards</li> <li>Lead virtual projects and technical teams on implementing security solutions across the enterprise</li> </ul><p><b><br /></b></p><p><b>Responsibilities: </b></p><p><br /></p><p><b>30% Operational/Process</b><br /> </p><ul> <li>Conduct security architecture reviews for internal and external clients and business partners at the request of the senior security leaders and/or Information Security Office. </li> <li>Ensure requirements are aligned to information security policies, standards and align to best practices</li> <li>Promote and help remediate gaps in regards to security architecture.</li> <li>Provide support for mergers, acquisitions and divestitures. </li> <li>Assess current state and maturity levels of existing security infrastructures, frameworks, methodologies, platforms.</li> <li>Coordinate and participate in the testing of security solutions.</li> <li>Conduct security architecture reviews and produce detailed documentation for Employers technology platforms and supporting solutions</li> <li>Assist in incident response process as required</li> </ul> <p> </p><p> </p><b>20% Leadership</b><br /> <ul> <li>Manage and lead security projects and/or initiatives</li> <li>Provide technical and governance leadership for business security initiatives </li> <li>Provide technical and strategic mentorship for security engineers, analysts and administrators</li> <li>Participate in staff training and development exercises</li> <li>Educate peers and security personnel about security platforms, technologies, governance and architectures (both existing and emerging)</li> </ul> <p> </p><p> </p><b>50% Strategy</b><br /> <ul> <li>Guide information security implementations &amp; policy enforcement throughout Employer</li> <li>Provide security architecture or governance recommendations and guidance to senior security leaders, IT and business stakeholders</li> <li>Design gap remediation strategies as directed by senior security leaders</li> <li>Investigate the potential impact of emerging technologies and architectures and communicate findings to senior security leaders</li> <li>Design technology platforms and infrastructures in alignment with Employer security standards and strategic roadmaps</li> <li>Develop secure architecture standards, requirements and documents including policies as directed</li> <li>Participate in the development of departmental strategic roadmaps and strategies</li> <li>Articulate architecture or governance risks to the business</li> <li>Collaborate with Enterprise Architecture on security design considerations for overall IT infrastructure needs. </li> <li>Translate business requirements into security solutions which will in turn align with Employers security program as policies and standards</li> </ul><br /><p><br /></p><b>Basic Qualifications:</b><p></p><ul> <li>7+ of experience the field of IT, Information Security, Compliance, Audit or Risk (with a broad range of exposure to all aspects of business continuity, systems analysis, risk management, application development and information security)</li> <li>5+ years of experience in leading teams or projects</li> </ul> <br /><p><b>Preferred Qualifications</b>:</p><p></p><ul> <li>Bachelor's or Masters degree in Business, Computer Science, Engineering or related discipline or equivalent experience.</li> <li>Appropriate certification preferred:</li> <ul> <li>Certificated Information Systems Security Professional (CISSP)</li> <li>Certificated Information Security Manager (CISM)</li> <li>Certificated Ethical Hacker (CEH)</li> <li>Offensive Security Certified Professional (OSCP)</li> </ul> </ul> <p> </p> <p><b>Knowledge and Skills: </b></p> <ul> <li>Exceptional technical skills and understanding of IT infrastructure, applications and governance</li> <li>Experience and a proven track record on implementation and design of industry related technologies</li> <li>Proven leadership skills </li> <li>Excellent written and verbal communications</li> <li>Ability to manage multiple complex priorities</li> <li>Solid understanding in one of the follow areas: security, compliance, audit, risk management and business continuity.</li> <li>Expert knowledge of Directory Services, Application Development, Infrastructure (networks, server and end computing devices), Software and Software distribution methods</li> <li>Expert knowledge of the Information Security Architecture deployment lifecycle</li> <li>Strong application security experience</li> <li>Solid understanding of operating system internals, networks, applications, databases, and cloud technologies. </li> <li>Expert knowledge of relevant security standards (NIST, ISO, etc) and ability to align them to secure architecture designs</li> <li>Strong knowledge of technologies that support application system environments including but not limited to:</li> <ul><ul><ul> <li>Authentication and authorization.</li> <li>Networking.</li> <li>Web technologies.</li> <li>Application servers.</li> <li>Database Management Systems.</li> <li>Web Application Firewalls.</li> <li>Web services.</li> </ul></ul></ul> <li>Familiarity with legal, regulatory and industry security requirements and frameworks. Including, but not limited to the following:</li> <ul> <li>International Organization for Standards (ISO/IEC 27001)</li> <li>Payment Card Industry Data Security Standards (PCI DSS)</li> <li>Sarbanes Oxley (SOX)</li> <li>Health Insurance Portability and Accountability Act (HIPAA) and HITRUST; HITECH</li> <li>Gramm-Leach-Bliley (GLB)</li> <li>Control Objectives for Information and related Technology (COBIT)</li> <li>Committee of Sponsoring Organizations (COSO)</li> </ul> </ul><br /><img src=";sz=1x1;ord=1234567890;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?" alt="Advertisement" rel="no-follow" /> read more

Required Skills

My Compatibility Score

Choose Match Score option: