Jobs · Information Technology · Oregon

Information Security Architect

Concora Credit · Beaverton, OR · Yesterday
Information TechnologyFull-time

Responsibilities

  • Be a trusted advisor for Application Development and Shared Services initiatives by providing objective, practical, and relevant ideas, insights, and advice.
  • Function with an enterprise lens in applying security practices across the environment.
  • Establish architecture principles, standards, and best practices for the security of our infrastructure, identity, data, application development, and partner integrations, and integrate these into our Enterprise Architecture practices.
  • Collaborate closely with developers, architects, and engineers on how to enable effective security solutions for the organization at ‘the ground level’ so solutions can scale effectively.
  • Perform security assessments and engineering analysis for complex, multi-platform systems and services.
  • Lead the performance of application security reviews.
  • Assess the architecture and security designs and capabilities of potential products, strategic partnerships, and vendors.
  • Develop and present metrics that represent the efficacy of the practices and controls in place.
  • Maintain a relevant skillset and expertise in information security technologies and practices.
  • Perform other duties as assigned.

Qualifications

  • 5-8 years of broad security experience as a practitioner within IT organizations.
  • Bachelor’s degree, applicable certification, or equivalent experience.
  • A future-focused mindset considering where the organization is today, knowing what’s coming in the technology landscape, understanding what that means for security, and building a course to ensure we don’t get there late.
  • Understand all facets of information technology lifecycles, from scoping to delivery and operations, and the ability to see and communicate the role information security plays in every stage.
  • Background in bringing a variety of stakeholders together to achieve specific security outcomes.
  • Broad background working directly with all levels of security controls.
  • Extensive experience with one or more regulatory frameworks associated with information technology (e.g., PCI, GLBA, HIPAA, SOX, etc).
  • Strong written and verbal communication skills, including the ability to discuss technical topics with a non-technical audience.
  • Able to partner with technology subject matter experts (SMEs) to define and formalize security policies and practices in collaboration with the teams most impacted to reach secure and functional outcomes.
  • Able to develop security architecture standards, frameworks, guidelines, and design patterns spanning all layers of security from host, server, and network to application and data security.
  • Identify opportunities for security tooling and automation with the goal of translating security standards into policy-as-code and infrastructure-as-code that is secure by default.
  • Experience in evaluating security controls from a value and return on investment perspective.
  • Preferred Expertise in security architecture for cloud/hybrid systems and application development.
  • CISSP, CISM , and related security certifications strongly preferred.
  • Working knowledge of Cloud-based Identity and Access management (IAM), including Single Sign On, MFA, identity providers, and frameworks. (FIDO, SAML, OAuth, OIDC).

Similar jobs

Information Security Architect

JabilSt. Petersburg, Florida, United States· 1 mo ago
Information Technology$126k–$227k/yrapply on jabil.wd5.myworkdayjobs.com

Information Security Architect

Blue Cross and Blue Shield of Kansas CityUnited States· 1 mo ago
RemoteInformation Technologyapply on bcbskc.wd1.myworkdayjobs.com