Enterprise Information Security Architect

       Basic Qualifications:

• Bachelor’s degree in Information Technology or related discipline from an accredited college or university, advanced degree or other professional certification in Management Information Systems is preferred

• 10+ years of professional business experience in Security Architecture, including security with Applications, Infrastructure, external internet security, or Access and Identity Management

• Must have prior hands on experience reviewing code designs from a security standpoint

• Prior experience with Internal and External Applications Security Assessment

• Demonstrated experience with Secure Development Lifecycle

• Demonstrated experience with defending OWASP Top Ten Attack types

• Must have prior experience with SSL, and can articulate what it can/cannot cover and why it’s important

• Experience with C, Python, Ruby, C++ or other relevant languages

• Demonstrated experience with Vulnerability assessments, penetration testing and experience fixing vulnerabilities.

• Experience with information privacy and security laws (covering such items as data breaches, records management and structured/unstructured data)

• Prior Data Encryption solutions experience

• Prior ITCAM/SOA experience

          Additional Qualifications/Knowledge:

• 5+ years of management experience

• Experience working in controlled regulatory environment is preferred

      Skills and Abilities:

• Strong understanding of application security principles

• Ability to articulate the 3 components of AAA (AuthN, AuthZ and Audit)

• Strong understanding of TOGAF and can articulate it’s importance and relevance

• Strong project management and leadership skills

• Good vendor relationship management and negotiation skills

• Excellent presentation skills and able to speak in front of senior Executives

• Good interpersonal skills with the ability to interact with all levels of management and staff

• Good written communication skills