Information Security Architect

Safelite Autoglass Columbus , OH 43216

Posted 7 months ago

Information Security Architect

The Information Security Architect will be responsible for developing secure architecture solutions as part of the design phase and implementation of projects, developing cost effective strategies for protecting confidential data via information security techniques, encryption technologies, access control methodology and DLP. This role will also be responsible for identifying risk, and influencing other domain architects to ensure a complete and secure product. The individual chosen for this role will need to have the ability to challenge others and provide solutions to address security vulnerabilities during all phases of initiatives and projects.

Find a career. Gain a family.

Safelite will be unlike any place you've ever worked. (This won't be just the daily grind!) You'll join caring and passionate teams that collaborate to make a difference, deliver extraordinary results and bring unexpected happiness. Every day. Your effort, heart and creative ideas will be valued and rewarded. And we care about your well-being. So, we'll strive to give you what you need to be happy at work and at home.

Essential Activities:

  • Develop secure architectural solutions as part of the design phase of system development and implementation projects.

  • Develop cost effective strategies for protecting confidential data through use of information security techniques and technologies, including but not limited to: encryption technologies; access control; DMZ architecture and network security zones; content monitoring and filtering; data leakage tools.

  • Assess and mitigate PCI, NIST and ISO implications of new product development.

  • Evaluate emerging technology and security software tools for benefit and compatibility to organization's infrastructure.

  • Partner with platform and engineering teams to integrate security controls into continuous integration, delivery and deployment processes.

  • Develop and document security centric solutions and standards for the organization based on current threat vectors, NIST and ISO frameworks.

  • Provide guidance and subject matter expertise on infrastructure, application & data security to engineering teams across the company.

  • Consult and advise project teams regarding information security risks and industry practices.

  • Provide Security Architecture consultation with other parts of IT and business partners, and software development processes to ensure the applications developed and systems implemented are in line with security best practices and company policies and standards and are compliant with the required frameworks (ISO, SOX, SWIFT, OWASP, NIST Cyber Security, etc.).

Requirements:

  • 7-10 years of relevant experience is required.

  • Bachelor's degree in MIS, CIS, Computer/Engineering, or equivalent experience is required.

  • Eight or more years of experience working in IT, with minimum of 3 years of experience of leading application security architecture efforts that requires close collaboration with project teams and business stakeholders is required.

  • Security and authentication related work on web applications and protocols including but not limited to security issues like XCC, CSRF *Minimum of 3 year DLP, DRM, Data Encryption/Masking/Tokenization experience is required.

  • Excellent command of Cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies is required.

  • Experience related to at least two of the following: risk assessments, security and privacy policy development, data protection or security strategy, general IT, data privacy and security controls development, compliance readiness (i.e. GDPR, PCI, SOX) or technical security architecture/design is required.

  • Applicable security certifications desired; CISSP, CEH, GIAC, GSEC, or CSSLP or advanced degree in InfoSec is required.

Apply Now!

We're known as an auto glass company. That's the focus of what we do. But we're much more -- we're a growing and evolving service brand. And what really makes us unique is our people. Because at our core, we're a People Powered organization -- and our people come first and our culture matters. We'll help you find a fulfilling career path and encourage you to have a life. Let us be the best place you'll ever work.

Learn more.


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Senior Architect Information Security
New!

Alliance Data

Posted Today

VIEW JOBS 10/15/2019 12:00:00 AM 2020-01-13T00:00 Job Summary The Sr. Architect, Info Sec is responsible for driving security strategy, determining enterprise security requirements; developing appropriate organizational IT security standards, processes, and procedures; communicating and educating across the entire IT organization to ensure standards and practices are being proactively developed and implemented. Candidate should have expert knowledge in security design and security testing tools and techniques. This role serves as a resource for other employees and serves as a program and project lead and inspects work of staff positions. The position reports to the Manager, Information Security. Essential Job Functions * Lead the development & implementation of security strategy, including security policies, security technology standardization, and modernization of IT infrastructure. Work closely with teams across the organization and disciplines to recognize business, industry, and technology trends to inform these strategies and policies. * Consult and advise on complex initiatives (including business strategy, projects, and security capabilities) as required to ensure adherence to security compliance requirements, strategies, and policies. * Coordinate and oversee various technical security assessments (projects and programs) throughout the year as required. This includes assessments like application and network pen tests, security scanning, and support of security audits. Incorporate assessment themes and findings into security strategy recommendations. * Mentors and develops security staff, as well as IT staff in adopting security techniques and security standards. * Responsible for working closely with Network Engineering, Enterprise Architecture, Application Development, and Operations groups to comprehend and recognize business, industry, and technology variables (currently in place, planned, developing and emerging) and setting the direction of the security organization to support current and future business models, strategies, and processes. * Investigate, conduct proof of concept and generate recommendations on key third-party components, such as network, security & voice infrastructure technologies. * Write reference architectures and strategic roadmaps for VoIP, Video, network convergence technologies, and solution architectures for various infrastructure initiatives to ensure scalability and performance. * Seeks an understanding of the Information Security strategy and vision and how these impact both Information Security and the organization. * Ability to identify when to engage with leaders to resolve issues, risks or obstacles * Good time management and organization skills. Follows direction and executes tasks as instructed; occasionally demonstrates original thinking which helps to improve processes and/or procedures * Seeks personal development and improvement opportunities * Perform other duties as assigned by management. Preferred Education/Certifications * Master Degree in Computer Science, Networking or Information Technology with equivalent experience considered in lieu of degree. * Two or more relevant professional technical certifications (examples: CISA, CISSP, GIAC, CEH, etc.) Preferred Work Experience * 10 years of Information Security, Network, or related experience. * 1 years of leadership experience. Knowledge, Skills and Abilities * Experience in IT architecture, design, and implementation; this includes networks, firewalls, database systems, web servers, application servers, mainframes, and different types of middleware. * Experience with web application architecture. * Expertise in network security, monitoring and auditing solutions. * Expertise in applicability and use of various technical security controls, including endpoint AV, WAF, SIEM, threat intel, firewalls, storage encryption, web content filtering, and DLP. * Experience in the architecture and use of public key infrastructure, certificate management, encryption, payment tokenization, single sign on, and two-factor authentication. * Experience in data security regulations, control frameworks, and standards: PCI-DSS, NIST, ISO 27002. * Ability to work in a team-fostered, fast-paced, multi-tasking environment. * Ability to communicate complex security and technical topics in easy-to-understand language to a variety of audiences (executive, business, technical). * Ability to maintain the highest level of confidentiality and professionalism. * Conceptual knowledge and understanding of, with experience preferred, in Information Security techniques and underlying infrastructures. * Experience collaborating on projects, preferably technical in nature, with preference given to prior experience as project lead and/or primary contributor/collaborator. * Must be willing to own issues and see them through to successful resolution. * Ability to work with cross-functional groups within various lines of business to resolve issues. * Excellent interpersonal, written, and oral communication skills as well as issue resolution and negotiation skills. * Understanding of NIST security standards. * Understanding of regulatory compliance requirements including PCI DSS and SOX. * Possess analytical and problem-solving skills, and a drive to learn and contribute at a high level * Working knowledge and experience using the Microsoft Office suite including; Word, Excel and Outlook About Alliance Data's card services business Alliance Data's card services business develops market-leading private label, co-brand, and business credit card programs for many of the world's most recognizable brands. Through our branded credit programs, we help build more profitable relationships between our partners and their cardmembers, and drive lasting loyalty. Using the industry's most comprehensive and predictive data set, advanced analytics, and broad-reaching capabilities, Alliance Data's card services business has been helping partners increase sales and provide greater value to their cardmembers since 1986. We are proud to be part of the Alliance Data enterprise (NYSE: ADS), an S&P 500, FORTUNE 500 and FORTUNE 100 Best Companies to Work For company headquartered in Columbus, Ohio. To learn more, visit KnowMoreSellMore.com, follow us on Twitter @Know_SellMore, and connect with us on LinkedIn at Alliance Data card services. * Alliance Data offers a competitive salary, a comprehensive selection of benefit options including 401(k). * All job offers are contingent upon successful completion of credit and background checks. * Alliance Data is an Equal Opportunity Employer. * Alliance Data will provide accommodations to applicants needing accommodations to complete the application process. * Any applicant offered employment will be required to establish that they are legally authorized to work in the United States for Alliance Data. * Alliance Data participates in E-Verify. * Alliance Data will consider for employment qualified applicants with criminal and credit histories in a manner consistent with the requirements of all applicable laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance. #cb #indprof #indurgent ... Alliance Data Columbus OH

Information Security Architect

Safelite Autoglass