Job Description

** (NO OPT OR H1B CONSIDERATION AVAILABLE) **

Our Client is seeking to hire an enterprise-level Security Solutions Architect to join an agile cloud infrastructure team. You will be a part of a global security team and will be responsible for deployments within the public cloud.

JOB DETAILS:

The Security Solution Architect will lead and will act as an subject matter expert in all areas of infrastructure security as it relates to policies, standards, technology standards and business architecture. This person will provide security direction to the program/project(s) on a global basis.

The Security Solution Architect must be able to define high-level business requirements and communicate them into technical requirements which will be used by Architects and Engineers alike. Additionally, you must also be able to articulate a large variety of technical nomenclature to a non-technical audience of peers.

The Security Solution Architect will provide minimum security requirements and to ensure that a delivered solution is fit for the organization and operative when transitioned into service. The Security Solution Architect will also identify services to be integrated into the overall security solution and work with internal teams to ensure implementation across the environment.

KEY ACCOUNTABILITIES

o Provide a deep set of security practices which will help steer the program on related security matters.

o This includes formal requirement gathering and technical standard input to projects during the pre-sanctioning, start-up, requirements, and design stages to ensure that measures have been appropriately considered and are appropriate.

o Offer security related guidance that may be required during the build and testing stages of each project(s).

o Provide technical security input as required by the security policy development team.

o Review and design complex application and technology architectures.

o Coordinate technical design/review activities with various segments.

o Evaluation and maintain systems and procedures, providing requirements to safeguard information systems and databases.

o Research and recommend/implement change to procedures and systems to enhance security aligned with corporate policies and controls.

o Present the Security Organization ensuring ease of engagement during projects and major programs.

o Account for ensuring that key risks and issues are identified, addressed and resolved in a manner that satisfies the business.

o Identify residual risk and assure they are captured and owners are identified and accept the risks with each.

o Continuously review standardization and process improvement with a advice to automate where possible.

o Partial travel may be required from time to time (may include global responsibilities).

QUALIFICATIONS

o Knowledge of wider information security related principles, likely to be gained in industry or from a consultancy background.

o Strong comfort level knowledge with TOGAF and SABSA.

o Skilled in creating technology standards. Experience with presenting security requirements and necessary security services to the security and/or enterprise governance boards for acceptance and approval.

o Ability to perform threat modeling, ensuring proper controls and services are identified and incorporated into the design.

o Experience with cloud based security controls (secure web gateway, next gen firewall, cloud access security broker)

o Knowledge and experience with technical security solutions such as IDS/IPS, secure remote access, firewalls, encryption, secure protocols, data protection, data loss prevention and identity management solutions.

o Strong background in IT network security (secure LAN, WAN, vLAN, MPLS, Netflow, SNMP and secure network zoning and restricted network design), database, operating system and application security.

o Strong knowledge of data and information flows, information governance, network protocols.

o Knowledge of security hardening techniques and policy development, particularly operating system hardening (e.g. Windows, UNIX, Oracle).

o Experience in integration with a SIEM, or working within a system monitoring environment.

o Experience in vulnerability and risk management processes.

o Experience of incorporating security controls at each stage of the software development lifecycle process (ITIL).

o Experience of designing and managing security controls within service providers and the cloud.

o Proven track record of successfully delivering business requirements to time and budget constraints.

o Familiar with contract management, ensuring security controls are referenced within the agreement.

o Strong communication (Written and Verbal), leadership and partnering skills.

o Able to demonstrate a high degree of credibility and influence senior stakeholders within the organization.

o Able to operate as a highly independent worker and as part of a strong team/collaborative approach.

o Prior Critical National Infrastructure (CNI) and utility industry experience preferred.

o Preferably given to somebody who has done hands on IT in the past and understands the pragmatic approach sometimes required.

Company Description

Devonshire Recruiting & Consulting Partners is a leading search and consulting firm headquartered in Boston, Massachusetts and with a global footprint in more than 5 countries. As an independent, employee-owned organization, we share a single-minded focus to produce impactful and measurable results for our clients and candidates. Our experienced team of partners offers the depth, breadth and specialized business experience necessary to deliver top talent within demanding time frames.