Information Security Architect
Role details
Job location
Tech stack
Job description
- Be a trusted advisor for Application Development and Shared Services initiatives by providing objective, practical, and relevant ideas, insights, and advice.
- Function with an enterprise lens in applying security practices across the environment.
- Establish architecture principles, standards, and best practices for the security of our infrastructure, identity, data, application development, and partner integrations, and integrate these into our Enterprise Architecture practices.
- Collaborate closely with developers, architects, and engineers on how to enable effective security solutions for the organization at 'the ground level' so solutions can scale effectively.
- Perform security assessments and engineering analysis for complex, multi-platform systems and services.
- Lead the performance of application security reviews.
- Assess the architecture and security designs and capabilities of potential products, strategic partnerships, and vendors.
- Develop and present metrics that represent the efficacy of the practices and controls in place.
- Maintain a relevant skillset and expertise in information security technologies and practices.
- Perform other duties as assigned.
These duties must be performed with or without reasonable accommodation. We know experience comes in many forms and that many skills are transferable. If your experience is close to what we're looking for, consider applying. Diversity has made us the entrepreneurial and innovative company that we are today.
Requirements
- 5-8 years of broad security experience as a practitioner within IT organizations.
- Bachelor's degree, applicable certification, or equivalent experience.
- A future-focused mindset considering where the organization is today, knowing what's coming in the technology landscape, understanding what that means for security, and building a course to ensure we don't get there late.
- Understand all facets of information technology lifecycles, from scoping to delivery and operations, and the ability to see and communicate the role information security plays in every stage.
- Background in bringing a variety of stakeholders together to achieve specific security outcomes.
- Broad background working directly with all levels of security controls.
- Extensive experience with one or more regulatory frameworks associated with information technology (e.g., PCI, GLBA, HIPAA, SOX, etc).
- Strong written and verbal communication skills, including the ability to discuss technical topics with a non-technical audience.
- Able to partner with technology subject matter experts (SMEs) to define and formalize security policies and practices in collaboration with the teams most impacted to reach secure and functional outcomes.
- Able to develop security architecture standards, frameworks, guidelines, and design patterns spanning all layers of security from host, server, and network to application and data security.
- Identify opportunities for security tooling and automation with the goal of translating security standards into policy-as-code and infrastructure-as-code that is secure by default
- Experience in evaluating security controls from a value and return on investment perspective.
Preferred:
- Expertise in security architecture for cloud/hybrid systems and application development.
- CISSP, CISM , and related security certifications strongly preferred.
- Working knowledge of Cloud-based Identity and Access management (IAM), including Single Sign On, MFA, identity providers, and frameworks. (FIDO, SAML, OAuth, OIDC.
- Excellent conceptualization, analytical, logical, and documentation skills.
- Experience in the financial services or servicing operations sectors.
Benefits & conditions
Pulled from the full job description
- Tuition reimbursement
- Pet insurance
- AD&D insurance
- Health insurance
- 401(k) matching
- Paid time off
- Vision insurance, * Medical, Dental and Vision insurance for you and your family
- Relax and recharge with Paid Time Off (PTO)
- 6 company-observed paid holidays, plus 3 paid floating holidays
- 401k (after 90 days) plus employer match up to 4%
- Pet Insurance for your furry family members
- Wellness perks including onsite fitness equipment at both locations, EAP, and access to the Headspace App
- We invest in your future through Tuition Reimbursement
- Save on taxes with Flexible Spending Accounts
- Peace of mind with Life and AD&D Insurance
- Protect yourself with company-paid Long-Term Disability and voluntary Short-Term Disability
Concora Credit provides equal employment opportunities to all Team Members and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. Employment-based visa sponsorship is not available for this role. Concora Credit is an equal opportunity employer (EEO).