* Leads the planning, design, and engineering of enterprise-level security infrastructure and platforms
* Responsible for adopting cyber security technologies, infrastructure and applications to meet the organizations requirements
* Program architect for company security and infrastructure program
* Participate in developing and maintaining IT infrastructure and cyber security strategy and associated roadmap;
* Determines security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.
* Participate in cyber security standards, policies and procedures preparation
* Maintain design documents of systems in production
* Security vendor management
* Mentoring cyber security and architecture team members
* Security architecture, demonstrating solutions delivery, principles and emerging technologies - Designing and implementing security solutions. This includes continuous monitoring and making improvements to those solutions, working with an information security team.
* Consulting and engineering in the development and design of security best practices and implementation of solid security principles across the organization, to meet business goals along with customer and regulatory requirements.
* Security considerations of cloud computing: They include data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and DoS attacks.
* BS degree in Information technology or related
* CISA, CISSP, CISM or equivalent
* ITIL Foundation
* Relevant National Institute of Standards and Technology (NIST) standards. A system that is not in compliance with the standards set by NIST, along with ISO27001 or COBIT will lack both compliance and adequate security architecture.
* ISO27001 - specifications for a framework of policies and procedures that include all legal, physical and technical controls involved in an organization"s risk management
* Control Objectives for Information and Related Technologies (COBIT)
* Understanding of Service-Oriented Architecture and the basics of IT budgeting
* Experience implementing automation capabilities
* IT Infrastructure Design (Datacenter, OS, Storage, Network, etc.)
* Windows and Unix systems both on- and off premise environment
* Strategic planning