Description
Excellent opportunity for my client a Fortune 500 company:
Summary:
Responsible for contributing to and supporting security technology solutions with emphasis on architect secure software development life cycle, standards, best practices, PKI, authentication, access management, vulnerability and threat assessments, network architectures, security test practices and more. Monitors emerging security technologies and technology practices for potential use within the Company. Designs and develops updated security within infrastructure, cloud, app, endpoint and CPE in support of one or more business processes. Helps to ensure a balance between tactical and strategic technology solutions.
Considers securing our product business end-to-end: including people, process, and technology, both within and outside the enterprise, as part of any design solution for our customer facing products, platforms and services. Mentors, reviews codes and verifies that design best practices and that coding and architectural guidelines are adhered to. Identifies and drives issues through closure. This individual must be a consensus builder, a team player and a steady guide.
Core Responsibilities:
- Contribute to and/or lead various product security architecture efforts to ensure products include security into their design, development and operations.
- Interfaces with many teams across the organization to ensure an efficient and effective security solution meets the business needs.
- Ensures solutions are well engineered, operable, maintainable, and delivered on schedule.
- Guide threat analysis, technology assurance and technical auditing
- Develops, documents, and ensures compliance for security best practices including but not limited to the following coding standards, design, platform, cloud and network specific design concerns.
- Creates, tracks and documents security requirements for development projects and enhancements.
- Monitors current and future security trends, technology and information that will positively affect products and services as well as applies and integrates emerging technological trends to new and existing systems architecture.
- Mentors team members in relevant security technologies and implementation architecture.
- Communicates security technology direction.
- Works with stakeholders to define security requirements.
- Applies new and innovative ideas to old or new problems. Fosters environments that encourages innovation. Contributes to and supports effort to further build intellectual property via patents.
- Manage third party security technology across multiple platforms and products.
- Support test, troubleshooting and operational issues alignment with security designs and architectures.
- Work with big data, metrics and data analytics tools to help manage large volumes of security reporting systems.
- Consistent exercise of independent judgment and discretion in matters of significance.
- Other duties and responsibilities as assigned.
Required Skills:
- Architected security for major products and initiatives
- Proficient at protocol development
- Proficient at software development life cycle security
- Proficient at identity, authentication and authorization systems
- Proficient at understanding cryptographic trust based systems
- Cloud security knowledge preferred
- Coding experience preferred
- PKI knowledge helpful
- Excellent written and verbal communication skills, interpersonal and collaborative skills
- Poise and ability to act calmly and competently in high-pressure, high-stress situations
- Enjoys working in a demanding, and a very dynamic environment
- Good natured and positive with people
- Security expertise in one or more relevant areas
- Must have strong problem-solving skills
- Ability to manage multiple projects with strict timelines
- High level of personal integrity
- Ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity
- High degree of initiative and be well organized
Experience:
- 11+ years experience in technology based industry
- 5+ years experience working with software development life cycles
Preferred Certifications:
Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Licensed PEN Tester (LPT), Certified Ethical Hacker (CEH), Global Information Assurance Certification (GIAC), Certified Secure Software Lifecycle Professional (CSSLP), Other software development life cycle certifications
Education Level:
Bachelors Degree or Equivalent
Field of Study:
Engineering, Computer Science