Posted in Other 30+ days ago.
Information Security Architect
We are searching for an experienced Information Security Architect.
South Bend, Indiana
The Information Security Architect role will provide technical expertise on security functions and interact with various business and project roles to act as a subject matter expert. The role will integrate with business processes to provide guidance and liaise with various internal and external stakeholders to enable the organization to achieve its goals while fostering a security conscious culture.
Primary Responsibilities & Duties
Act as the Subject Matter Expert on information security best practices, technologies, and implementations.
Liaise with business units and Information Technology teams to guide projects and initiatives.
Develop reference architectures as templates for secure implementations of information systems.
Interact with external stakeholders to review and assess technical security implementations.
Participate with development teams to advise on secure coding practices and architectures.
Be a champion of DevSecOps and participate in the growth and implementation of processes supporting a DevSecOps culture.
Be a leader and subject matter expert on Cloud Security and Architecture.
Participate in the quantification of risk, including Third Party Assessments.
Develop internal threat intelligence and analyze external threat intelligence feeds and indicators.
Participate in threat hunting exercises
Develop and drive a process of threat modeling for the organization.
Participate in incident triage and response.
Help develop tabletop exercises and simulations.
Participate in assessments such as security assessments, penetration tests, application assessments, and open source intelligence exposure assessments.
Participate in an incident handler on-call schedule.
Act as a positive representative of the Information Security Team.
Help grow others and work within a team, share knowledge and maintain a positive and collaborative attitude.
Assumes additional responsibilities as necessary for the continued growth and advancement of the Credit Union.
Proven work experience as in information security, information assurance, architecture, or technology.
Exposure to Cloud, DevSecOps, and secure development.
Experience in incident response, triage, digital forensics, and case management.
Experience with programming and scripting languages and text manipulation tools.
Experience in building and maintain security systems.
Exposure to a variety of information security tools and systems, for example firewalls, intrusion detections systems, endpoint protection software, vulnerability management platforms, authentication systems, log management / SIEM, packet capture, application whitelisting, etc.
Experience with information security concepts such as least privilege.
Exposure to security assessment concepts across any of the following: OSINT, Network Penetration Testing, Application Assessment and Reverse Engineering, Web Application Penetration testing, and Mobile Security Assessments.
Strong desire to continuously learn.
Thorough understanding of the latest security principles, techniques, and protocols.
Problem solving skill and the ability to work under pressure.
Data entry skills, mathematical and logical aptitude and general interpersonal skills are necessary.
Excellent verbal and written communication skills are absolutely necessary.
Lifting up to 50 lbs.
Works with little supervision with respect to scheduling and assignments of tasks with results and progress occasionally reviewed.
Ability to develop, communicate, and coordinate project plans and projects. Strong ability to multi-task and prioritize multiple projects and be a team leader and facilitate brainstorming sessions.
Must be available for non-business hours support and after-hours work, including on-call rotation when necessary.
Responsible for completion of all work assigned within the predetermined deadlines.
Accountable for protection of security and confidentiality of all systems maintained.
Accountable for understanding and applying government laws and regulations and TCU policies and procedures relating to the Anti-Money Laundering Regulations including but not limited to the Bank Secrecy Act (BSA), US PATRIOT ACT and OFAC.
Accountable for Performance Management Goals as agreed upon with Supervisor.
Bachelor's degree in information technology-related field, or equivalent work experience.
Minimum of 4 years' experience in information security.
Industry certifications such as: CISSP, GIAC Certifications such as GSEC, GCIA, GCIH, GWAPT, GCFA, GCFE CEH, Offensive Security.
In-depth knowledge of information security issues and best practices.
95057.00 - 105560.00
Our company provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics.