Solutions Security Architect
Solutions Security Architect
Job Description:
The Solutions Security Architect serves as a vital member of the Security Architecture Team, Information Security Office.
This position will be part of a team that assists the Office of Information Technology and supports the agencies with meeting the requirements set forth by the Information Security Office.
This position provides a broad range of services in strategy and consulting, interactive, technology, and operations, with digital capabilities across all these services.
The Solutions Security Architect is responsible for leading the development of information security architecture with a focus on application security and ensuring technology initiatives are implemented within the guidelines of industry frameworks including NIST800-53(r5) in order to maintain and improve our environment's security posture.
They will be accountable for strategic planning, architecture, and securing enterprise information by identifying network and application security requirements and implementing and testing security controls and procedures.
The primary area of focus for the Solutions Security Architect is to advise the Chief Information Security Officer in developing risk management strategies and multi-year implementation and remediation programs based on business priorities and risks to address cyber Security, Cyber Defense, and the needs of the enterprise.
To meet these requirements the successful candidate must be knowledgeable about how security architecture fits into the broader security program and understands the security concepts outlined by the National Institute of Standards and Technology (NIST).
The successful candidate will adapt and leverage both MaineIT policy and system security technology stack to reduce new or existing risks and assist the team as we work to bolster our security posture.
Key
Responsibilities:
Define information security strategies, including guiding principles and future state vision, ensuring that the strategic objectives are aligned with business goals.
Develop and implement security policies and standards in alignment with industry best practices, state and federal regulations, and emerging security technologies.
Collaborate with internal and external stakeholders, including IT teams, vendors, and State agencies, to ensure that security measures are integrated into all technology solutions.
Provide technical guidance and expertise to IT teams and other stakeholders on security-related issues primarily in the application space.
Work closely with customer stakeholders to identify and mitigate risks, perform security reviews, design top-tier security practices, and deliver strategic, innovative cloud-based security offerings.
Stay up to date on the latest security threats, trends, and technologies, and recommend solutions to mitigate risks.
Engage in a variety of solutioning sessions which include key subject matter experts, these sessions are designed to quickly produce secure and viable solutions to critical business use cases.
Knowledge, Skills, and Abilities Required:
Expertise in conducting product research to make informed information security assessments.
Expertise in application security
Expertise in the assessment of System Security Plans and Third-Party Audit documents such as SOC2 reports to develop information security position reports.
Expertise in identifying risk as it relates to MaineIT policy, the state of its environment, and Defense in Depth.
Ability to coordinate with other subject matter experts to develop a concise position on IT products and services from an information security perspective.
Ability to develop reports pertaining to vendor-provided IT products and services.
Ability to document procedures and diagrams related to security architecture.
Ability to conduct research, analyze, and communicate the security and regulatory impact of risk to executive-level management in a concise manner.
Familiarity with Cloud and Network Security concepts and tools.
Familiarity with information security system standards and certifications such as ISO-27000 family and FedRAMP.
Familiarity with risk assessment processes for information technology systems as outlined in NIST Publications.
Familiarity with information security controls outlined in NIST Special Publication 800-53.
Familiarity with security compliance to federal audit agency requirements for different data types (e.g., Federal Tax Information, Criminal Justice Information, Social Security Information, and Affordable Care Act Information).
A high level of attention to detail reviewing complex documents related to information security.
Top 3 Skills:
Security Architecture
Application Security
Communications, Oral and Written
Minimum
Qualifications:
Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
Minimum of 5 years of experience in information security, with at least 3 years in a security architecture or related role.
In-depth knowledge of security principles and practices, including application security, risk assessment and management, security architecture, compliance, and security testing.
Experience with security technologies, including firewalls, intrusion detection and prevention systems, vulnerability scanners, and endpoint security solutions.
Knowledge of industry standards and regulations, such as NIST, CIS, HIPAA, and FISMA.
Strong analytical and problem-solving skills, with the ability to think creatively and strategically to develop effective security solutions.
Excellent communication and interpersonal skills, with the ability to work collaboratively with internal and external stakeholders.
Professional security certifications, such as CISSP, CISM, or CISA, are highly desirable.
Benefits:
Medical, Vision, and Dental Insurance Plans
401k Retirement Fund
About the Company:
Our client in Augusta, ME has over 12,000 employees across all of its locations and generates $12 billion in sales. There are 777 companies in our client's corporate family. They provide a full range of services including justice and protection, transportation safety, education, economic development, business regulation, and cultural enrichment.
Our client's employees and contractors have given them a four-star rating for being a great place of employment on both Glassdoor and Indeed!
Estimated Salary: $20 to $28 per hour based on qualifications.
Job Description:
The Solutions Security Architect serves as a vital member of the Security Architecture Team, Information Security Office.
This position will be part of a team that assists the Office of Information Technology and supports the agencies with meeting the requirements set forth by the Information Security Office.
This position provides a broad range of services in strategy and consulting, interactive, technology, and operations, with digital capabilities across all these services.
The Solutions Security Architect is responsible for leading the development of information security architecture with a focus on application security and ensuring technology initiatives are implemented within the guidelines of industry frameworks including NIST800-53(r5) in order to maintain and improve our environment's security posture.
They will be accountable for strategic planning, architecture, and securing enterprise information by identifying network and application security requirements and implementing and testing security controls and procedures.
The primary area of focus for the Solutions Security Architect is to advise the Chief Information Security Officer in developing risk management strategies and multi-year implementation and remediation programs based on business priorities and risks to address cyber Security, Cyber Defense, and the needs of the enterprise.
To meet these requirements the successful candidate must be knowledgeable about how security architecture fits into the broader security program and understands the security concepts outlined by the National Institute of Standards and Technology (NIST).
The successful candidate will adapt and leverage both MaineIT policy and system security technology stack to reduce new or existing risks and assist the team as we work to bolster our security posture.
Key
Responsibilities:
Define information security strategies, including guiding principles and future state vision, ensuring that the strategic objectives are aligned with business goals.
Develop and implement security policies and standards in alignment with industry best practices, state and federal regulations, and emerging security technologies.
Collaborate with internal and external stakeholders, including IT teams, vendors, and State agencies, to ensure that security measures are integrated into all technology solutions.
Provide technical guidance and expertise to IT teams and other stakeholders on security-related issues primarily in the application space.
Work closely with customer stakeholders to identify and mitigate risks, perform security reviews, design top-tier security practices, and deliver strategic, innovative cloud-based security offerings.
Stay up to date on the latest security threats, trends, and technologies, and recommend solutions to mitigate risks.
Engage in a variety of solutioning sessions which include key subject matter experts, these sessions are designed to quickly produce secure and viable solutions to critical business use cases.
Knowledge, Skills, and Abilities Required:
Expertise in conducting product research to make informed information security assessments.
Expertise in application security
Expertise in the assessment of System Security Plans and Third-Party Audit documents such as SOC2 reports to develop information security position reports.
Expertise in identifying risk as it relates to MaineIT policy, the state of its environment, and Defense in Depth.
Ability to coordinate with other subject matter experts to develop a concise position on IT products and services from an information security perspective.
Ability to develop reports pertaining to vendor-provided IT products and services.
Ability to document procedures and diagrams related to security architecture.
Ability to conduct research, analyze, and communicate the security and regulatory impact of risk to executive-level management in a concise manner.
Familiarity with Cloud and Network Security concepts and tools.
Familiarity with information security system standards and certifications such as ISO-27000 family and FedRAMP.
Familiarity with risk assessment processes for information technology systems as outlined in NIST Publications.
Familiarity with information security controls outlined in NIST Special Publication 800-53.
Familiarity with security compliance to federal audit agency requirements for different data types (e.g., Federal Tax Information, Criminal Justice Information, Social Security Information, and Affordable Care Act Information).
A high level of attention to detail reviewing complex documents related to information security.
Top 3 Skills:
Security Architecture
Application Security
Communications, Oral and Written
Minimum
Qualifications:
Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
Minimum of 5 years of experience in information security, with at least 3 years in a security architecture or related role.
In-depth knowledge of security principles and practices, including application security, risk assessment and management, security architecture, compliance, and security testing.
Experience with security technologies, including firewalls, intrusion detection and prevention systems, vulnerability scanners, and endpoint security solutions.
Knowledge of industry standards and regulations, such as NIST, CIS, HIPAA, and FISMA.
Strong analytical and problem-solving skills, with the ability to think creatively and strategically to develop effective security solutions.
Excellent communication and interpersonal skills, with the ability to work collaboratively with internal and external stakeholders.
Professional security certifications, such as CISSP, CISM, or CISA, are highly desirable.
Benefits:
Medical, Vision, and Dental Insurance Plans
401k Retirement Fund
About the Company:
Our client in Augusta, ME has over 12,000 employees across all of its locations and generates $12 billion in sales. There are 777 companies in our client's corporate family. They provide a full range of services including justice and protection, transportation safety, education, economic development, business regulation, and cultural enrichment.
Our client's employees and contractors have given them a four-star rating for being a great place of employment on both Glassdoor and Indeed!
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
