A Senior IT Application Security Architect who will serve as a Subject matter expert in compliance & security standards across the ECON Directorate-wide IT landscape, deep understanding of enterprise risk management methods, and techniques to drive successful outcomes in a complex environment. Also provide expertise in database auditing, archive, backup/recovery, and business continuity processes in distributed operations.
- Provide guidance and direction with penetration testing, incident handling/digital forensics, continuous monitoring, intrusion detection/prevention, vulnerability management.
- Implement tools, policies, standards, processes, and communications that support information security initiatives.
- Identify vulnerabilities, misconfigurations, and related patches.
- Engage with internal product teams, architects, and business leaders to understand and inform product roadmaps and security needs.
- Communicate security architecture strategy and roadmap clearly.
- Define security requirements and checklists for all security disciplines.
- Serve as technical security/risk advisor on new technologies.
- Work with enterprise security governance team to comply with internal Service Level Agreement (SLA) and policies.
- Research security technologies and maintain knowledge of current and emerging technologies/products/trends related to security architectural solutions.
- Determine security requirements by evaluating business strategies, researching information security standards, conducting system security and vulnerability analyses and risk assessments, studying architecture/platform, identifying integration issues, and preparing cost estimates.
- Certified Information Systems Auditor (CISA)
- Certified Ethical Hacker (CEH)
- Certified Information Systems Security Professional (CISSP) Certified
- Knowledge of combining hardware and software with programming proficiency to research and preempt potential threats
- Ability to articulate and disseminate computer security policies and procedures
- Experience with Risk Management and Asset Security
- Experience with Computer networking principles
- CompTIA Security+ Certified
- Cloud Security Professional (CCSP) Certified