Lead Information Security Architect

Website Hays Technology

HAYS is now accepting applications for the position of Lead Information Security Architect

Position Summary

The development and promotion of information security capabilities and compliance throughout the Corporation’s business network and applications fall under the scope of this position, which is a member of our Information Security and Risk Management (ISRM) Security Architecture team.

The ideal candidate would be well-versed in key components of security architecture needed to enable and safely supply the company’s infrastructure and apps that are hosted by public cloud providers. You must have experience in the design or implementation of EDR solutions OR email hygiene.

Responsibilities:
  • Develop and maintain a comprehensive vision and strategy for network security architecture to accomplish department objectives of protecting our systems and data hosted in the our data centers and the cloud
  • Understand, research, design and develop secure implementations of technology solutions, and oversee large rollouts of the same.
  • End to end analysis, requirements development, design, and governance of the security processes and tools ecosystem within our Technology infrastructure, partnering with IT and business colleagues as appropriate
  • Understands the drivers and requirements of the business and translates those into technology solutions, serving as a liaison between technical teams and management
  • Security technical and Information Protection leadership for fine grained solutions including developing secure and sustainable security reference architectures where applicable
  • Identify and document critical path decisions, make recommendations, and influence program leaders / business process owners
  • Able to communicate processes’ and tool automation needs to Automation Team to drive infrastructure as a code mentality.
  • Participate in Scaled Agile planning and activities deploying enterprise program creating Global Network Security Services within the company, identify customer needs, converting those into functional requirements and creating program roadmap, driving objectives and managing program backlog.
Minimum Requirements:
  • 8+ years in Security Architecture and/ore security engineering overseeing network security capabilities
Critical Skills:
  • Architect, designing and implement global email security solutions
  • Assess current state of collaboration and mobility security controls and suggests improvements
  • Leads the deployment team for DMARC, DKIM and SPF
  • Designs and implements email threat prevention solutions
  • Assess and recommends Threat Detection Intervention Controls for SaaS applications (e.g. Data Loss Prevention, Malware)
  • Assess CIS Benchmarks, recommends hardening policies and manages rollout of hardening policies
  • Experience in endpoint and collaboration security architecture design, documentation and best practices; understand enterprise architecture frameworks and can independently author and assess technical architectures
  • Acts as subject matter expert for all topics related to collaboration, messaging and mobility security
  • Works with User Experience teams to design security controls for collaboration suite
  • Assess current state architecture for endpoint security and develops future state architecture and capabilities around endpoint security solutions
  • Deep level understanding of TCP/IP (Transmission Control Protocol/Internet Protocol) networking and the OSI (Open Systems Interconnection) 7-layer model
  • Detailed understanding of attack vectors, current threats, and their remediation strategies;
  • Strong time management skills planning, organizing, and leading architecture development efforts
  • Strong interpersonal and communications skills to build/ maintain ongoing business relationships
  • Self-Starter that requires minimal supervision, multi-tasks effectively, and can provide oversight and coaching to others for any assigned projects or tasks.
  • Detailed understanding of control frameworks and reference architectures such as NIST, Cyber Security kill chain.
  • Understanding of various compliance regulations/laws, and standards (e.g., PCI DSS, HIPAA).
  • Able to stay on top of latest cybersecurity developments and next gen platforms
Additional Knowledge and Skills:
  • Knowledge of healthcare, privacy, and financial compliance regulations are a great asset.
  • Experience of working with SAFe (Scaled Agile Framework for the enterprise)
  • Previous hands-on endpoint and/or collaboration security engineering knowledge and experience, implementing and operationalizing endpoint security toolsets.
  • Strong analytical and troubleshooting skills with an understanding of IT business operations and information security.
  • Able to work with suppliers and vendors to assess a true value of cybersecurity capabilities vs what they are offering as a sales pitch and how those capabilities would apply to us as a whole, from integrations to existing cybersecurity eco-system to their operationalization.
  • Interface with other technology teams on endpoint security posture hardening and architecture development
  • Solid understanding of Windows, UNIX, Linux, and web-based systems

To apply for this job email your details to jamie.pickett@hays.com