Title: Business Solution Security Architect #934
Right to Hire: No
Contract Duration: 6 Months +
Environment: Business Casual
Location: San Francisco, California
Interview Mode: Phone/Skype
Client: E&Y
Minimum Requirements:
1. Agile & DevOps Methodologies – Experience as a contributing member of a balanced team within an Agile development or DevOps environment.
2. Application Security - Experience with the design of security controls for multi-tier business solutions including the design of application-level access and entitlement management, data tenancy and isolation, encryption, and logging.
3. Infrastructure Security – Experience with the integration of common infrastructure security technologies and solutions into business solution architectures including the integration of identity & access management, intrusion detection and prevention, security monitoring, and data encryption solutions.
Although not required, it is preferred that candidates possess additional working security experience and knowledge in one or more of the following areas:
4. Cloud Security –Technical understanding of virtualization, cloud infrastructure, and public cloud offerings and experience designing security configuration and controls within cloud based solutions
5. Operational Security – Experience with defining operational models and procedures for business solutions including the operation and maintenance of infrastructure and application security controls.
6. Information Security Standards – Knowledge of common information security standards such as: ISO 27001/27002, NIST CSF, FEDRAMP, CSA and CIS Controls.
Description:
The Business Solution Security Architect will design, integrate and implement security architectures for cloud and on premise based revenue generating business solutions. The architect will embed within Agile teams to identify and prioritize security-related user stories, epics and themes, create secure-by-default designs that balance business benefit and risk, provide security guidance and facilitate delivery of information security services throughout Agile lifecycle.
The architect will also perform risk assessments of cloud and on premise applications and infrastructure, develop appropriate risk treatment and mitigation options based on industry standard security controls, and effectively articulate findings and recommendations to IT project teams and management. The architect is expected to work in a highly collaborative global environment; demonstrate excellent interpersonal, communication, and organizational skills working with an Agile environment; and adjust to multiple demands, shifting priorities, ambiguity, and rapid change.
The architect shall have significant working security experience and knowledge in the design, implementation and operation of security controls in one of the following areas:
•
Last updated on Dec 21, 2016