Senior IT Application Security Architect

A Senior IT Application Security Architect who will serve as a Subject matter expert in compliance & security standards across the ECON Directorate-wide IT landscape, deep understanding of enterprise risk management methods, and techniques to drive successful outcomes in a complex environment. Also provide expertise in database auditing, archive, backup/recovery, and business continuity processes in distributed operations.

Responsibilities:

  • Provide guidance and direction with penetration testing, incident handling/digital forensics, continuous monitoring, intrusion detection/prevention, vulnerability management.
  • Implement tools, policies, standards, processes, and communications that support information security initiatives.
  • Identify vulnerabilities, misconfigurations, and related patches.
  • Engage with internal product teams, architects, and business leaders to understand and inform product roadmaps and security needs.
  • Communicate security architecture strategy and roadmap clearly.
  • Define security requirements and checklists for all security disciplines.
  • Serve as technical security/risk advisor on new technologies.
  • Work with enterprise security governance team to comply with internal Service Level Agreement (SLA) and policies.
  • Research security technologies and maintain knowledge of current and emerging technologies/products/trends related to security architectural solutions.
  • Determine security requirements by evaluating business strategies, researching information security standards, conducting system security and vulnerability analyses and risk assessments, studying architecture/platform, identifying integration issues, and preparing cost estimates.

Required Skills:

  • Certified Information Systems Auditor (CISA)
  • Certified Ethical Hacker (CEH)
  • Certified Information Systems Security Professional (CISSP) Certified
  • Knowledge of combining hardware and software with programming proficiency to research and preempt potential threats
  • Ability to articulate and disseminate computer security policies and procedures
  • Experience with Risk Management and Asset Security
  • Experience with Computer networking principles

Preferred Skills:

  • CompTIA Security+ Certified
  • Cloud Security Professional (CCSP) Certified