The Senior Information Security Architect is responsible for developing and maintaining robust security architectures and strategies for safeguarding the organization's cloud-based infrastructure, applications, and data. This role requires a deep understanding of cloud security technologies, compliance standards, and best practices to ensure the confidentiality, integrity, and availability of sensitive information. The Information Security Architect will collaborate with cross-functional teams to design, implement, and manage security solutions in cloud environments.
Essential Functions
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Security Infrastructure Architecture:
Develop and implement a comprehensive security architecture for on-premises and cloud technologies that are aligned with the CISO’s overall strategy for the information security organization.’.Stay current with emerging on-premises and cloud security threats, vulnerabilities, and trends to proactively address potential risks.Actively participate within ACA technology Committees where solutions are evaluated for the enterprise Design and document secure on-premises and cloud security architectures, considering multi-cloud and hybrid cloud environments.Create and maintain security reference architectures, patterns, and guidelines.Understand and participate in the configuration of solutions and strategies that satisfy NIST Cybersecurity Framework control objectives in collaboration with the department’s GRC team.Identity and Access Management (IAM):
Implement robust IAM solutions to manage user access, roles, and permissions effectively.Enforce strong authentication and authorization mechanisms.Assist the IAM team with privileged access management (PAM) solutions and deployment architectures.Data Protection:
Develop strategies for data encryption, PKI, tokenization, and masking in the cloud and on-premises.Architect data loss prevention (DLP) measures and systems to protect sensitive information. Provide architecture advisory and solutions that satisfy NIST data protection controls.Network Security:
Provide architectural design and implementation guidance to information security teams to secure network configurations in the cloud and on-premises, including firewall rules, virtual private networks, and network segmentation.Implement network monitoring and intrusion detection systems.Compliance and Governance:
Ensure cloud and on-premises environments comply with industry standards and regulations (e.g., HIPAA, PCI DSS, NYDFS, NIST).Collaborate with GRC teams to ensure proper monitoring and reporting mechanisms.Maintain an active role within the enterprise GRC teams within Information Security, Compliance, and Internal Audit.Security Operations:
Collaborate with the security operations center (SOC) to define incident response procedures and threat hunting strategies specific to cloud and on-premises environments.Assist with continuous improvement of ACA SOC operations where security logs and events are monitored and analyzed to detect and respond to security incidents promptly.Assist the SOC teams to ensure appropriate level of alerting is configured across all environments.Security Testing and Assessment:
Support regular security assessments, vulnerability scanning, and penetration testing of assets.Advise upon identified vulnerabilities and assist with translating risk ratings to ACA risk rating.Security Awareness and Training:
Assist with training programs for employees and other stakeholders.Promote a culture of security awareness and compliance within the organization.Vendor and Third-Party Risk Management:
Assess security risks associated with cloud service providers and third-party integrations.Review and recommend security terms within cloud solution contracts (includes SaaS, IaaP solutions)Strategy Planning:
Evaluate documented architectures and analyze trends for ways to prevent future problemsResearch and recommend innovative, and where possible, automated approaches for information security team tasks.Identify approaches to solutions that leverage our resources and provide economies of scaleKeep current with the latest security technologies and coach staff regarding leading and best practice strategies and solutionsPersonal Attributes:
Ability to conduct research into a wide range of computing issues as required Ability to absorb and retain information quickly Ability to present ideas in user-friendly language Highly self-motivated and directed Keen attention to detail Ability to effectively prioritize and execute tasks in a high-pressure environment Exceptional customer service orientation Experience working in a team-oriented, collaborative environment Have a strong desire to learn continually and grow professionallyQualifications
College diploma or university degree in the field of computer science or management information systems is preferred.A minimum of 10 years IT experience; at least three of those years focused on IT security, infrastructure, cloud or application-level vulnerability testing and remediationStrong understanding of enterprise, network, system, distributed application and application-level security issues.Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols).Understanding of the system hardening processes, tools, guidelines and benchmarks (including MITRE ATT&CK framework). Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security.Basic knowledge of Linux, Windows, systemsCoding and/or scripting experience required Working knowledge of a range of diagnostic utilities Exceptional written and oral communication skills Exceptional interpersonal skills, with a focus on rapport-building, listening, and questioning skills Strong documentation skills CISSP Certification preferred Cloud Architect Certification preferredCloud Security Certificate preferredAWS, Azure, or Google Cloud Platform experience is a requirement for the senior position within the organization Implementation experience with privileged access management (PAM) solutions.
Supervisory Responsibility
This position may have supervisory responsibilities.
Work Environment and Physical Demands
This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines.
Position Type/Expected Hours of Work
This is a full-time position with a work schedule of Monday-Friday with some schedule variations of weekday, weekend, and sometimes monthly on-call duties as needed.
Travel
This position will require up to 5% local travel.
EEO Statement
ACA provides equal employment opportunities (EEO) to all applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. ACA complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities.
California Privacy Notice
"As an employer of California residents, we are dedicated to protecting your privacy rights. Any personal information you provide during the application process will be used solely for permitted internal purposes and will be handled in accordance with applicable privacy laws. By applying to this position, you consent to the collection, use, and disclosure of your personal information as described in our Employee Privacy Notice."
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.
#LI-EP1
Options Apply for this job onlineApplyShareRefer this job to a friendRefer <p style="margin: 0px;">Sorry the share function is not working properly at this moment. Please refresh the page and try again later.</p> Share on your newsfeed Send this job opportunity to a friend, colleague, or family member: Application FAQs
Software Powered by iCIMS
www.icims.com