Vacancy caducado!
Resp & Qualifications
PRINCIPAL ACCOUNTABILITIES: Reporting to the Director of Information Security, Architecture & Engineering, the Security Architect’s accountabilities include, but are not limited to, the following:Support Infosec and the Business:- Performs reviews of new business solutions and ensure they meet security requirements and objectives
- Creates high-level security requirements for key security projects and in initiatives.
- Supports security projects in designing and implementing solutions
- Develop processes and procedures for managing and maintaining security systems
- Creates and maintains security architecture artifacts (patterns, blueprints, building blocks, guardrails) aligned with CareFirst security policies and guidelines that can be reused for new solutions and initiatives
- Develops and collaborates on security roadmaps and strategies based on enterprise architecture practices
- Develops component and physical architectures in collaboration with IT and the business to enable security-by-design
- Coordinates with IT Operations and Software Development teams to design and build secure solutions and services in standardized and automatable patterns
- Collaborates with other teams for joint design sessions and decisions
- Represents Information Security across the enterprise and plays a key role in communicating the policies, goals, and road map of the team.
- Collaborates with Enterprise Architecture, IT, Security Operations to identify security improvements in the enterprise environment
- Reviews security technologies, tools, and services, making recommendations to the broader security and IT organization for their use
- Performs threat modeling on new applications, systems, and services
- Leads complex projects/issues that require in-depth knowledge across multiple technical areas and business segments
- Considers company strategy and direction when researching new solutions and opportunities
- Provides key presentations and documents to senior executive management to provide recommendations for critical design decisions
- Advocates and enforces security requirements and objectives, while ensuring that security architectures and practices enable the needs of the business
- Communicates progress, updates, and any obstacles or support requirements to Infosec leadership
- This position requires a BA/BS in computer science or related IT field or equivalent experience
- 8+ years of IT experience. including 5 years of combined experience in Information Security and Security Architecture.
- or permanent resident.
- Proven leadership skills, interpersonal skills and the ability to build relationships across the enterprise. Must be able to influence and work with diverse teams with different backgrounds and motivations.
- Strong written and verbal communication skills and a demonstrated ability to clearly articulate and communicate complex subjects and solutions.
- Subject matter expertise in multiple security domains, such as application security, identity and access management, network security, encryption, operating systems, and vulnerability management
- Proven track record of performing in-depth research and introducing new security solutions and technologies
- Ability to translate functional and technical business requirements into secure technical implementations
- Fast learner with a commitment to personal growth in the domain of Information Security.
- Experience with architecture and security frameworks, such as TOGAF, SABSA, and NIST CSF
- Experience with compliance requirements, such as FISMA, HIPAA, and PCI-DSS
- MS in Computer Science or related field
- One or more common security certifications, such as CISSP, GIAC, CISM
- Hands-on cloud experience, with one or more certifications
- Familiarity with Kafka, Kubernetes/containers, automation, and CI/CD pipelines
- Familiarity with Agile methodology and DevSecOps
Vacancy caducado!