Under Development Features: Talent Bank/Pool, VMS Intigration, Analytics, Social Integration, Reports, API Integration, Resource and Timesheets Management, Company Admin

Information Security Architect (754 views)

Philadelphia, PA (Remote)
April 22, 2022

***** Direct Client Requirement*****

Title                                    : Information Security Architect

Location                             : Philadelphia, PA (Remote)

Rate                                    : DOE /If your experience and skills match call us immediately for submission

Duration                             : 7 months

Interview Type                  : Skype or Phone

Job Type                           : W2

Experience                        : 10 Years

Job Description               :

Must-have skills:

  1. Security Architecture
  2. Application Security Design & coding
  3. Web, Mobile and Network Security

Nice-to-have skills:

  1. Security Architecture reviews
  2. Application Vulnerability Management
  3. SDLC

Looking for 8-10 years? experience –

  • The Information Architect role is responsible for improving application and systems security and will support efforts to minimize the possibility that coding, design, or configuration security vulnerabilities could work their way into production environments, presenting a potential point-of-compromise.
  • The Security Architect will maintain involvement in the organization?s Software Development Life Cycle (SDLC) process and liaise with business and technical resources. The Security Architect will review project documentation, research, and reference security policy, render recommendations and guidance, approve, or reject project artifacts from a security perspective, and perform other tasks in the pursuit of securing systems, processes, and software applications.
  • Defining security requirements by evaluating business strategies and requirements; researching information security standards
  • Providing consulting services and security support to internal business and technology customers
  • Serving as the lead security liaison on assigned projects.
  • Providing input and recommendations to the development teams related to architecture, design, coding practices and SDLC elements that could potentially impact the application or solution from a security perspective.
  • Validating controls for Encryption, Access Control, Web Application Vulnerability Detection, OWASP top 10 and other common web application security parameters.
  • Reviewing application architecture and design from an application security and information security perspective ensuring alignment with organization security standards and industry best practices.
  • Assisting with the development of secure coding standards
  • Providing technical expertise on secure software development and support of all associated activities, processes, and tools for protecting technology-based information
  • Ensuring that development is done in accordance with industry standards for secure development
  • Facilitating Periodic static code analysis utilizing existing standard service offering.
  • Reviewing circumstances surrounding security gaps in and designing corrective actions
  • Facilitating dynamic and/or manual security testing utilizing existing standard service offering
  • Maintaining awareness of security and technology trends and shares that knowledge with others
  • Evangelizing security policies, standards, and nonfunctional requirements where/when needed
  • Daily and Weekly Status Reporting
  • Documenting processes, procedures, assessment outputs, working papers documentation to support existing SDLC and governance requirements
  • Representing security and IT risks among other company risk departments and committees.
  • Evaluating the effectiveness of awareness and training programs and makes recommendations for improvement.
  • Demonstrate sound understanding of at least 3 of the following control frameworks such as ISO 27001/27002, HITRUST, PCI, NIST, GDPR and PCI
  • Preferred Certification in one or more Information Security relevant areas such as Audit (CISA), Security Management (CISM), Security Professional (CISSP), Cloud Security (CCSP, CCSK, AZ500)
  • 5-10 years of combined IT and Information Security work experience with a broad range of exposure to systems analysis, application development, systems administration.

Additional Job Details:1 – Cybersecurity Risk Management (P4 – Expert) | 2 – Security Architecture Design (P4 – Expert) | 3 – Cloud Security Architecture (P3 – Advanced) | 4 – Enterprise Application Security Design and Testing (P3 – Advanced) | 5 – Enterprise Security Architecture (ESA) Fundamentals (P3 – Advanced) 1 – English (C1 – Expert)

*****Referral Bonus Available: Refer your friends or colleagues, get referral bonus*******

Thanks

Jill/Sam

Jill@sohanit.com/Sam@sohanit.com

PH: 470-410-8564  EXT 116/470-410-3404 EX 106

Apply here or please send to resumes@sohanit.com

Follow us on LinkedIn and Twitter for daily active requirements

LinkedIn: https://www.linkedin.com/company/sohanit-inc/?viewAsMember=true

Twitter: https://twitter.com/SohanITInc1

Pay Rate: DOE /If your experience and skills match call us immediately for submission

Job Duration: 7 Months

% Travel Required: None

Job Posted by: Consulting Services

Job ID: OOJ - 4544

Don't have time now?
Get a reminder in your inbox