Security Architect/Engineer - Controls Implementations

US  ‐ Remote
This project has been archived and is not accepting more applications.
Browse open projects on our job board.

Keywords

Safety Principles National Institute of Standards and Technology (NIST) Security Controls Computer Security Amazon Web Services Architecture Cloud Computing Control Objectives for Information and Related Technology (COBIT) Identity Management Security Engineering Public Key Infrastructure Security Requirements Analysis Testing Software Security Sensitive Compartmented Information (SCI Clearance) Firewalls (Computer Science) Windows Services Access Network Automation Business Informatics Certified Information Systems Security Professional Certified Information Security Manager Certified in Risk and Information Systems Control Project Planning Global Information Assurance Certification IT Risk Management Market Research Mathematics Open Web Application Security Software Engineering Statistics Systems Design System Safety Certified Information Systems Auditor Network Access Control In-Plane Switching (IPS) Risk Management

Description

NO SPONSORSHIP - C

Security Engineering/Architect - Controls

Rate: Open C2C

LOCATION: Remote if in: IL, TX, FL, GA, MA, MD, MN, NC, NJ, NY, DC, WI

Looking for a candidate with security architecture, security controls, cloud on premise design implementation. Application security control implementation, control validation adversarial testing windows services end users NIST CSF FFIEC OWASP IAM network access control PKI Firewalls IPS AWS COBIT NIST NIST CSF ISO experience working with regulatory frameworks SCI CFTC 99.18 etc.

Description:

This position will support the Security Architecture team responsible for architecture of the security controls environment in the cloud and on-premise and ensuring that security requirements are met in systems design and implementation. This individual will work with the Security Architecture team to problem solve, define requirements and scope for application security, Control implementation, control validation and adversarial testing. The position will include extensive interaction with IT, Security Engineering, Security Assurance, EPMO, Windows services, and end-users for the duration of the engagement.

    • Conduct architectural Security control validation testing processes
    • Define security requirements aligned with current threat intelligence and industry standards such as the NIST CSF, CSA, FFIEC, OWASP
    • Review current system security measures and recommending and implementing enhancements.
    • Conduct market surveys of security tooling to identify potential replacements or upgrades to enhance security and resilience
    • Partnering with IT department to design and implement effective Embedded security capabilities
    • Drive the maturation and automation of Security information dissemination and oversight processes
    • Support Security Assurance in assessing the effectiveness of planned remediations for identified security defects
    • Produce reporting and documentation artifacts for leadership and staff relating to security related activities
    • Ensure alignment of security controls and supporting services and related policies and procedures with applicable regulations and industry standard best practices
    • Assists Security Analysts, transferring technical and risk management knowledge
    • Assist in project planning, program development, and process formalization.
    • Perform other duties as assigned

SKILL AND EXPERIENCE REQUIRED:

    • Bachelor degree in Computer Science, Management Information Systems, Statistics & Quantitative Modeling, Mathematics a plus or the equivalent combination of education and/or relevant experience.
    • 10 years hands-on Information Security architecture or engineering
    • Experience with design and specification of security control technologies such as IAM, Network Access Controls, PKI, Firewalls, IPS
    • Experience with AWS and cloud-native tools desired; training provided as needed.
    • Advanced understanding of information related frameworks and standards such as COBIT, NIST 800-53, NIST CSF, ISO etc.
    • Experience in security risk management principles and practices.
    • Experience in working with regulatory frameworks and requirements relevant to OCC such as, Reg SCI, CFTC 99.18, etc.
    • Professional security certifications a plus (ie, AWS, CSA, GIAC, CISSP, CISA, CISM, CRISC)
Start date
n.a
Duration
6 months
From
Request Technology - Robyn Honquest
Published at
09.08.2024
Project ID:
2783422
Contract type
Freelance
Workplace
100 % remote
To apply to this project you must log in.
Register