Information Security Application Architect, Location: Chicago, IL FT or Long Term

Job Description:

Responsibilities:
  • 8+ years’ work experience in information security and/or related functions (such as IT Audit, Risk Management or Security Architecture
  • Understanding how to implement the appropriate level of application security practices based on the risk profile of the application and data. Some of the controls, but not limited to; encryption, authentication, multifactor authentication, session management, input validation, logging, and auditing
  • Deep understanding of the DevSecOps lifecycle in regard to ensure the appropriate security is built-in with defined guardrails
  • Demonstrable knowledge of a broad range of Information Security technologies and practices
  • Expert knowledge of and experience in developing and documenting application security architecture and plans (e.g. development and deployment roadmaps) and using process modeling tools and techniques
  • SOX and HIPAA experience in dealing with IT general controls (ITGC), demonstrated through hands-on audit, remediation, and/or computer system validation
  • Excellent understanding of current Information Security & Architecture trends and their impact on business strategies including key Information Security vendors and solutions, audit organizations and influential market research firms
  • Experience with scripting languages
  • Experience with creating standards, reference architectures, policies, procedures, and implementation guidelines
  • High degree of understanding with Cryptographic Services and Public Key Infrastructure
  • Experience with Amazon Web Services, Microsoft Azure, and other internal and external cloud providers
  • Advanced knowledge of application security development techniques and processes including specification, documentation, and quality assurance
  • Excellent communications and influencing skills with strong ability to balance differing stakeholder interests through sound analysis and persuasion
  • Strong people skills, collaborative ability to work with IT stakeholders inside and outside of the organization, able to mentor team members
  • Ability to formulate application security architecture vision and translate vision into execution
  • Thorough understanding of Information Security frameworks and practices (e.g. ISO, NIST), architecture standards (e.g. TOGAF and SABSA) and proven ability to strike a balance between an academic and pragmatic approaches

Share Profile