Security Services architect @ Waltham, MA

Need for Security Services architect @ Waltham, MA

Contract

Title:

Security Services architect

Location:

Waltham, MA

Duration:
Full Time

• Business and Project Consulting:
  • Project engagement during the initiation, requirements, and design stages to ensure that security has been considered and is included into the design at the appropriate level based on the risks.
  • Further security related guidance may be required during the build and testing stages of the projects.
  • Security review and design of complex application and technology architectures.
  • Coordination of technical design/review activities with various IS and project stakeholders.
  • Evaluation and maintenance of security system plans and procedures to safeguard internal information systems and databases.
  • Researching and recommendation/implementation of changes to procedures and systems to enhance security aligned with corporate policies.
  • Partner with LoB and IS during project engagement in the development of strategic and tactical business plans.
  • Manage demand of working on multiple projects and leverage IS security technologies and services to meet business goals and objectives.
  • Accountable for ensuring that key risks and issues are identified, addressed and resolved in a manner that satisfies the business.
  • Flexibility to travel as role requires (may include global responsibilities)

• Strong background in security architecture including a deep knowledge of IT network security (secure LAN, WAN, vLAN, MPLS, and secure network zoning and restricted network design), database, operating system and application security.
• Strong knowledge and experience designing and implementing technical security solutions such as secure remote access, firewalls, encryption, secure protocols, data protection, data loss prevention and identity management solutions.
• Able to translate business and non-functional requirements to identify the security design and to document the security solutions for communications and enduring documentation.
• Strong knowledge of data and information flows, information governance, and network protocols.
• Experience of designing and incorporating technical security controls, including for SAP.
• Experience of incorporating security controls at each stage of the software development lifecycle process.
• Experience of designing and managing security controls within service providers and the cloud.
• Experience of security hardening techniques and policy development, particularly operating system hardening (e.g. Windows, UNIX, Oracle).
• Appreciation of wider information security related principles, likely to be gained in industry or from a consultancy background.
• Prepared to challenge business and IS colleagues and have the “difficult conversations” where needed in the interests of National Grid.
• Strong communication, leadership and partnering skills.
• Proven track record of successfully delivering business requirements to time and budget constraints.
• Able to operate as a highly independent worker and as part of a strong team/collaborative approach.
• Prior utility industry experience preferred, including knowledge of Critical National Infrastructure (CNI). Familiar with security application lifecycle process frameworks including NIST 800-64.

• Educated to degree level (or equivalent combination of education and experience).
• Information Security Qualifications such as CISSP, ISSAP, and SABSA practitioner preferred.
• Security Qualifications such as SANs, CCNA, CCNP.
• Familiar with various controls including NIST and NERC CIP.