Sr. IT Security Architect
San Francisco, California
Our client is seeking an experienced Sr. IT Security Architect to join their fast growing team in San Francisco, CA.
This is long term contract role, and require individuals hired to complete a background and drug test, and work as W-2 employees of 2rbConsulting. No visa sponsorships or relocation is provided.
The Senior Security Architect provides security consulting support to business and project teams as to risk assessments and security controls, ensure architectural alignment relative to meeting defined security requirements and working to promote business enablement while maintaining an appropriate security posture relative to risk. The Senior Security Architect also works to identify opportunities for standardization of security controls and practices across the enterprise rather than point solutions with the objective of making security, including technologies, processes and people, an intrinsic competency rather than an afterthought in addressing business and IT needs.
This role will focus on security matters across all aspects of the enterprise including the development and/or acquisition of applications, databases and systems solutions that are responsive to business needs, address the technical requirements and are aligned with company security strategies, policies and standards. This position plays a key role in helping to drive for maturation and effectiveness of our security controls while working to maintain a balanced approach commensurate with risk.
- At least 10-15 years of related IT security and Security Architecture experience plus demonstrated ability to perform a risk-based approach to securing applications, databases or infrastructure based upon IT and business needs
- Experience in designing, architecting, and implementing complex enterprise applications, infrastructures, platforms and systems with security built in
- Understanding of software development methodologies and the security controls needed to support secure SDLC principles
- In depth understanding and knowledge of network security capabilities and best-practices (e.g. IPS/IDS, firewalls, proxies, BYOD, wireless security)
- Persuasive in influencing strategic security architecture direction, framing reference architectures and pattern components, specifying policies and standards, drive consensus on target state architectures, and influence roadmaps
- Skilled in applying strategic architecture direction to project delivery using standard engagement methods
- Fundamental working knowledge of industry-standard enterprise architecture models (e.g. TOGAF, NIST, SABSA) and approaches
- General understanding and familiarity with protecting against web and web services security vulnerabilities including the OWASP Top Ten and the SANS Top Twenty Five software errors
- Knowledge of HIPAA, HITECH, PCI-DSS, ISO 2700X and proper application of the Security and Privacy Rules. Preferred knowledge of the HITRUST Common Security Framework and more prescriptive security requirements and controls
- Strong business acumen and a commitment to integrity, process improvement and customer satisfaction
- Broad understanding of distributed, highly-available computing environments, and proactively addressing threats and vulnerabiliti
- es at all layers
- Experience with TCP/IP and related protocols
- Knowledge and experience with securing virtualized platforms and solutions like IBM Portal Framework and VMWare ESX highly desired.
- Knowledge of healthcare industry and industry related technology would be a strong plus
- Bachelor's degree in Computer Science, Engineering or related field or equivalent work experience.
- Ability to rise above the security related FUD and focus on specific work priorities and execution with positive outcomes.
- CISSP, CCSP, CISM or other security and/or Enterprise Architecture methodology certifications preferred
If this opportunity sounds interesting to you, and you'd like to learn more, submit your resume for immediate consideration!
Candidates selected for these contract opportunities will be required to pass a background check and drug screen.
You will also be required to work directly with 2rbConsulting as a W-2 employee, no 1099 or 3rd Party Candidates will be accepted.