Information Security Architect
Start Date: Immediate
Term: 6 months, renewable
Job Description:
· Our client is seeking an Information Security Architect to leverage extensive experience in information systems and security to develop strategies and solutions that adapt to changing threats over the long term.
The architect shall develop architectures, solutions and standards and works closely with other IT practice leads to promote secure designs and practices.
· Candidate must have strong hands-on technical background, and must demonstrate operational, architectural and security expertise at all layers of the OSI stack. Candidate must be highly collaborative and is expected to mentor and partner effectively with other teams on a regular basis.
· Specific Responsibilities: Strong conceptual thinking and communication skills - the ability to translate complex business and technical requirements into effective and comprehensible solutions.
· Applies strong logic and principles-based reasoning to define solutions and justify proposals.
· Contributes to the development and maintenance of the information security strategy. Works closely with other IT architects and staff to ensure that security is appropriately addressed in the definition, design, implementation and operation of all IT services, systems and platforms.
· Researches, designs and advocates new technologies, architectures and solutions supporting security requirements of the enterprise, its customers, business partners and vendors. Maintains deep expertise in the growing body of IT security vulnerabilities, threats, exploits and mitigations. Plays lead role in design and implementation of security initiatives. Serves as lead engineer supporting security infrastructures.
· Acts as a key member of the CSIRT
Experience/Skills Required:
· Extensive expertise in NIST and ISO 27001 security practice frameworks.
· Extensive hands-on experience with security infrastructures (e.g., Firewalls, IDS/IPS, VPN, Web Content Filters, Proxies, DLP, SIEM, Log aggregation correlation technologies).
· Extensive hands-on experience operating one or more common IT infrastructures (Telecom, database, Windows and *NIX systems, virtualization platforms).
· Proficiency with scripting/programming languages (e.g., Python, PowerShell) Expertise with enterprise identity and namespace services (e.g. Active Directory, LDAP, DNS, Oauth, SAML) Expertise with enterprise certificate management and PKI services.
· Familiarity with international data privacy and U.S. HIPPA regulations and best practices.
· Familiarity with a relevant enterprise architecture methodology (e.g., Zachman Framework, TOGAF).
The following are not essential but are highly valued-
Professional experience in application or infrastructure penetration testing Demonstrable expertise with configuration automation practices and toolchains (e.g., Chef, Puppet, Ansible, etc.…) Demonstrable experience creating, securing, and managing Cloud infrastructures (e.g., Azure, Kubernetes,)
Education:
Bachelor or master degree in computer science, information systems or other related field, or equivalent work experience.
Professional security management certification, such as a ISC(2) Certified Information Systems Security Professional (CISSP), SANS GIAC Information Security Professional (GISP), GIAC-Security Expert (GSE), or GIAC Certified Enterprise Defender (GCED).
__
About the Company
Bounteous x Accolite makes the future faster for the world's most ambitious brands. Our services span Strategy, Analytics, Digital Engineering, Cloud, Data & AI, Experience Design, and Marketing. We are guided by Co-Innovation, our proven methodology of collaborative partnership.
Bounteous x Accolite brings together 5000+ employees spanning North America, APAC, and EMEA, and partnerships with leading technology providers. Through advanced digital engineering, technology solutions, and data-driven digital experiences, we create exceptional and efficient business impact and help our clients win.
