Strategy/GRC/Controls Architect - FCH | Jobs with Virtelligence

Strategy/GRC/Controls Architect - FCH On Hold

Location: Wisconsin Country: United States
Zack Wilson

Zack Wilson is recruiting this position.

email me  linkedin

Job Description

Duties:

1. Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers.
2. Develop security strategy plans and roadmaps based on sound enterprise architecture practices
3. Develop and maintain security architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations
4. Track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts
5. Participate in application and infrastructure projects to provide security-planning advice
6. Draft security procedures and standards to be reviewed and approved by executive management and/or formally authorized by the CISO
7. Determine baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, and identity and access management (IAM)
8. Develop standards and practices for data encryption and tokenization in the organization, based on the organization's data classification criteria
9. Conduct or facilitate threat modeling of services and applications that tie to the risk and data associated with the service or application
10. Ensure a complete, accurate and valid inventory of all systems, infrastructure and applications that should be logged by the security information and event management (SIEM) or log management tool

Skills:

As a senior member of Information Security team the enterprise security architect plays an integral role in defining and assessing the organization's security strategy, architecture and practices. The enterprise security architect will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services, evaluate and incorporate emerging technologies and evaluate changes to the threat landscapes. Interacts with senior leaders 
Minimum of ten years of experience in a related field. Strong oral and presentation skills.
In-depth knowledge of cybersecurity frameworks including but not limited to NIST CF, HITRUST CSF, ISO 27001.
Strong knowledge of laws and regulations including but not limited to PCI-DSS, HIPAA-HITECH.
Experience in using architecture methodologies such as SABSA, Zachman, or TOGAF
Direct, hands-on experience or strong working knowledge of managing security infrastructure — e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology
Strong working knowledge of vulnerability management practices and tools
Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services.
Direct experience designing IAM technologies and services such as AD, LDAP, and/or AWS IAM
Strong working knowledge of IT service management – ITIL related services – Change management, Configuration management, Asset management, Incident management, Problem management, etc…
Experience designing and securing applications and infrastructures in cloud environments such as AWS and/or Azure

Education:

Bachelors in Computer Science or similar degree is preferred.

Languages: English  Read  Write  Speak Attachments:    Skills and Experience Skills:

Required

  • ARCHITECTURE
  • ASSET MANAGEMENT
  • AUDIT
  • CHANGE MANAGEMENT
  • CONFIGURATION MANAGEMENT

Additional

  • ENCRYPTION
  • FIREWALLS
  • HIPAA
  • IAAS
  • INCIDENT MANAGEMENT
  • INFORMATION SECURITY
  • INTELLECTUAL PROPERTY
  • INTERNAL AUDIT
  • INTRUSION
  • ISO
  • ISO 27001
  • IT INFRASTRUCTURE
  • ITIL
  • LDAP
  • MALWARE
  • METRICS
  • NETWORK OPERATIONS
  • NETWORK OPERATIONS CENTER
  • NIST
  • NOC
  • OPERATIONS
  • PCI
  • PRESENTATION SKILLS
  • RISK MANAGEMENT
  • SAAS
  • SECURITY
  • SECURITY INFRASTRUCTURE
  • SEGMENTATION
  • SIEM
  • SOC
  • SOFTWARE AS A SERVICE
  • TRANSLATE
  • VENDOR MANAGEMENT
  • VM
  • ZACHMAN
Languages: English( Speak, Read, Write ) Minimum Degree Required: Associate's Degree (Community College, MBO)
  • Status:
    On Hold
  • Skills

    Architecture: 8 years

    Audit: 8 years

    Asset Management: 8 years

    Configuration Management: 8 years

    Change Management: 8 years