IT Security Architect Lead

Recruiter
Zones, LLC
Location
Stamford
Salary
Competitive
Posted
25 Sep 2024
Closes
23 Oct 2024
Job Type
IT Security
Employer Sector
Technology, IT & Telecoms
Contract Type
Permanent
Hours
Full Time

Position Details:

Term: 6 months contract–to–hire with our client in the Insurance industry
Location: remote – prefer candidates based in greater Stamford CT region
Hours: Mon–Friday 8–5pm ET

The Information Security Architecture & Engineering Lead is a member of the IT Security Team who leverages extensive experience in Information Systems and Cloud technologies to develop strategies and solutions that support the business and protect against threats over the long term. The Information Security Architecture & Engineering Lead proposes and promotes standards and works closely with other IT practice leads to ensure adoption of secure designs and practices.

Candidate must have strong hands–on technical background, and should enjoy researching, designing and implementing secure modern solutions with Azure paradigms and facilities. Candidate must be highly collaborative and is expected to mentor and partner with other teams on a regular basis.

What you'll do as the IT Security Architect Lead The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
  • Leads the Security Architecture and Engineering practice.
  • Strong conceptual thinking and communication skills – the ability to translate complex business and technical requirements into effective and comprehensible solutions.
  • Applies strong logic and principles–based reasoning to define solutions and justify proposals.
  • Contributes to the development and maintenance of the information security strategy.
  • Works closely with other IT architects and staff to ensure that security is appropriately addressed in the definition, design, implementation and operation of all IT services, systems and platforms.
  • Researches, designs and advocates new technologies, architectures and solutions supporting security requirements of the enterprise, its customers, business partners and vendors.
  • Maintains deep expertise in the growing body of IT security vulnerabilities, threats, exploits and mitigations.
  • Plays lead role in definition and implementation of security initiatives.
  • Serves as a lead engineer supporting security platforms and services.
  • Acts as a key member of the Gen Re CSIRT.
What you'll bring to the table:
  • Bachelor's or master's degree in computer science, information systems or other related field, or equivalent work experience.
  • Professional security management certification, such as a ISC(2) Certified Information Systems Security Professional (CISSP), SANS GIAC Information Security Professional (GISP), GIAC–Security Expert (GSE), or GIAC Certified Enterprise Defender (GCED).
  • Extensive expertise in NIST and ISO 27001 security practice frameworks.
  • Extensive hands–on experience with security infrastructures (e.g. Firewalls, IDS/IPS, VPN, Web Content Filters, Proxies, DLP, SIEM, Log aggregation correlation technologies).
  • Extensive hands–on experience operating one or more common IT infrastructures (Telecom, database, Windows and NIX systems, virtualization platforms).
  • Demonstrable experience securing and managing Cloud infrastructures (e.g. Azure, Kubernetes).
  • Proficiency with scripting/programming languages (e.g. Python, Powershell).
  • Expertise with enterprise identity and namespace services (e.g. Active Directory, LDAP, DNS, Oauth, SAML).
  • Expertise with enterprise certificate management and PKI services.
  • Familiarity with the benefits and risks of AI/ML with respect to Security.
  • Familiarity with U.S. and international Data Privacy and Security regulations and best practices (NYDFS, GDPR, etc.).
  • Familiarity with a relevant enterprise architecture methodology (e.g. Zachman Framework, TOGAF, SABSA).
  • Exceptional diplomacy and ability to receive and communicate constructive criticism/areas needing improvement to development team and explain why compliance to standards are needed.

The following are not essential, but are highly valued:

  • Professional experience in application or infrastructure penetration testing.
  • Demonstrable expertise with configuration automation practices and toolchains (e.g. Chef, Ansible, etc.).

While we're committed to providing top–tier solutions, we're just as committed to supporting our own team. Our employees enjoy a variety of comprehensive benefits, including medical/dental/vision coverage, life insurance, a 401(k) plan with matching provision, paid time off, and much more. And as a Minority Business Enterprise, a Corporate Plus member of the Northwest Minority Supplier Development Council, and an Equal Employment Opportunity Employer, our community is just as diverse.

At Zones, work is more than a job – with exciting careers with a global team who are client centric, have a passion for tech, who embrace change and lifelong learning in a collaborative culture. If you're interested in working on the cutting edge of IT innovation, sales, engineering, operations, administration, and more, Zones is the place for you!

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status or disability.