Lead Information Security Architect​/Engineer

Lead Information Security Architect / Engineer

EmTacq specializes in EMployer Talent ACQuisitions, matching the most qualified candidates with the most competitive positions available. We pride ourselves on not just putting bodies in seats, rather matching professionals to their careers. We are headquartered in the Raleigh / Durham, NC area. However, as a recruiting agency we service companies and candidates across the United States. We are your best source for professional, value driven low cost recruitment services.

Full-time

The Lead Information Security Engineer will be responsible for designing and implementing a process to analyze the design of technology solutions for threats, attacks, and vulnerabilities that could affect the control environment. Must be a subject matter expert (SME) with strong collaboration skills to work with cross functional teams to ensure the design of technology solutions complies with information security policies, and regulatory obligations.

The Lead Information Security Engineer must have the ability to identify, document, and recommend security safeguards and configurations in a highly complex environment with a demonstrated ability to recognize, and appropriately incorporate layered security safeguards within the network, application, and data layers from a defender’s perspective. In this role you must be a positive professional, adaptable, pragmatic, and who is comfortable in delivering clear and concise information at both a technical and managerial level.

Responsibilities:

• Design and implement a process to analyze the design of technology solutions for threats, attacks, and vulnerabilities that could affect the client's control environment.
• Review and approve security configuration checklists (e.g., hardening or lockdown guides) for technology platforms and solutions (e.g., operating systems, databases, firewalls, etc.).
• Provide security consulting services internally to the engineering organization by giving guidance and functioning as an information security SME.
• Identify, document, and recommend security safeguards and configurations in a highly complex environment with a demonstrated ability to recognize, and appropriately incorporate layered security safeguards within the network, application, and data layers from a defender’s perspective.

Required Experience

• 5+ years of experience in one or more of the following information security domains: access management, cryptography, data loss prevention (DLP), emerging technologies (i.e., cloud, mobile, etc.), endpoint security, incident response, malware analysis and protection, network and perimeter security, or web and mobile application security.
• 5+ years of experience analyzing the design of technology solutions using common industry frameworks such as DREAD, SSE-CMM (ISO/IEC 21827), STRIDE, or other risk assessment models.
• 5+ years of working knowledge of various industry security standards and frameworks including: ISO 27001, ISF Standard of Good Practice (SoGP), NIST Special Publications, etc.
• 5+ years of working knowledge of modern enterprise and security architectures, their challenges, common approaches to overcome their challenges, and their inherent security strengths and weaknesses.
• Teamwork and communication skills, both written and verbal.

Preferred Experience

• Bachelor’s degree in Computer Science, Information Systems, or related field. 8+ years of equivalent work experience required in lieu of degree is acceptable.
• Professional certifications such as: CISSP, CISA, CISM, GIAC, CGEIT, CRISC, CEH, or other relevant industry certification strongly preferred.

Our client is proud to be an equal opportunity/affirmative action employer. We are committed to attracting, retaining and maximizing the performance of a diverse and inclusive workforce. It is their policy to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, creed, religion, national origin, alienage or citizenship status, age, sex, sexual orientation, gender identity or expression, marital or domestic/civil partnership status, disability, veteran status, genetic information or any other basis protected by law.