Information Security Architect

posted on January 14, 2022

Job Description

Location: Chicago, IL

Duration: Permanent

Responsibilities: 

  • Bachelors  degree or equivalent experience
  • 8+ years’ work experience in information security and/or related functions (such as IT Audit, Risk Management or Security Architecture
  • Competencies in the developing and deploying security controls across the OS-Level virtualization container technology (Docker) and the orchestration tools (Kubernetes).
  • Deep understanding of the following concepts, practices, and technologies: network security and perimeter security, firewalls, IDS/IPS, SIEM, workstation, mobile device, and network design standards.
  • Expert knowledge of and experience in developing and documenting security architecture and plans (e.g. development and deployment roadmaps) and using process modeling tools and techniques.
  • SOX and HIPAA experience in dealing with IT general controls (ITGC), demonstrated through hands-on audit, remediation, and/or computer system validation.
  • Excellent understanding of current Information Security & Architecture trends and their impact on business strategies including: key Information Security vendors and solutions, audit organizations and influential market research firms.
  • Excellent communications and influencing skills with strong ability to balance differing stakeholder interests through sound analysis and persuasion.
  • Strong people skills, collaborative ability to work with IT stakeholders inside and outside of the organization, able to mentor team members with diverse backgrounds.
  • Ability to formulate network security architecture vision and translate vision into execution.
  • Thorough understanding of Information Security frameworks and practices (e.g. ISO, NIST), architecture standards (e.g. TOGAF and SABSA) and proven ability to strike a balance between an academic and pragmatic approaches.
  • Need someone who understands Security from a physical layer and all the way to the application layer.
  • If you’re implementing an application or a technology, where does Security fall into all those pieces/areas…from physical to the network to link to protocols to ports to API’s. This person needs to understand all of that across the board
  • Needs someone who can sit down with the team and help them understand where they might run into some issues because they didn’t do something correctly
  • This position leans more to the technical side but having the experience working with the business units is a plus. They already have several people in place who work/speak with the business units
  • Understanding how to build Security Architecture reference models, understanding how to build strategies, understanding how to build design patterns
  • Understanding what threats are out there
  • This person must think like a hacker. If we implement all this technology a certain way, how can a hacker get around every single control that was put in place and what needs to be done to get us to an acceptable risk appetite
  • This person should know containers, containerization, how to secure that
  • Infrastructure
  • DevSec Ops – know how to get security built into the DevOps process and make it automated/useful

 

More jobs at Mediant Health Resources

Cloud Network Engineer

posted on December 8, 2021

Sr. Development Operations Engineer

posted on December 17, 2021