Architect, Information Security
Posted on: October 16, 2020
Job DescriptionAn advanced skillset position, the Information
Security Architect reports to the Sr. Director Information Security
and is responsible for designing security solutions that protect
the business, but also allow the business to execute and innovate.
The Information Security Architect works closely with many diverse
and dynamic teams, including, but not limited to, ITS enterprise
architecture, infrastructure, application development, security
operations, internal audit and compliance. This position is also
responsible for architecting solutions to secure
business-to-business initiatives, third-party relationships,
outsourced solutions and vendors.
The Information Security Architect provides expert guidance for
addressing current security issues, but has the foresight to see
where the industry is headed and proactively deliver optimal secure
solutions. The Information Security Architect is expected to think
like an adversary and identify how solutions should evolve as the
threat landscape changes. A senior-level role, the architect
possesses strong communication and organizational skills, and the
ability to guide less experienced coworkers. The Information
Security Architect provides technical leadership to delivery and
solution design team members.
- Knowledge - At least 10+ years' experience in cybersecurity,
including compliance and risk management with a background in
system and network security engineering.
- A proven deep background (preferred 5+ years in addition to
cybersecurity) in technology design, implementation and
- Experience in cloud computing technologies, including
software-, infrastructure and platform-as-a-service, as well as
public, private and hybrid environments.
- Extensive knowledge of traditional security controls and
technologies, such as Security Information and Event Management
(SIEM) systems, intrusion detection/prevention systems (IDS/IPS),
public key infrastructure (PKI), identity and access management
(IDAM) systems, antivirus and firewalls, in addition to newer
offerings such as endpoint detection and response (EDR), threat
intelligence platforms, security automation and orchestration,
deception technologies and application controls.
- Excellence in communicating business risk from cybersecurity
- Experience driving measurable improvement in monitoring and
response capabilities at scale.
- Experience architecting SIEM systems, threat intelligence
platforms, security automation and orchestration solutions,
IDS/IPS, file integrity monitoring (FIM), data loss prevention
(DLP) and other network and system monitoring tools.
- Track record of acting with integrity, taking pride in work,
seeking to excel, being curious and adaptable, and communicating
- Experience with Amazon Web Services (AWS) or Microsoft
PHP or Ruby.
- DevOps background with experience in compliance
- Experience with one or more of the following: ISO 27001, NIST,
Payment Card Industry Data Security Standard (PCI DSS), Health
Information Portability and Accountability Act (HIPAA), Health
Information Technology for Economic and Clinical Health (HITECH)
Act, Sarbanes-Oxley Act (SOX) the General Data Protection
Regulation (GDPR), Center for Internet Security (CIS) standards or
Service Organization Controls (SOC) 2.
- Familiarity with state privacy laws.
- Ability to think strategically and tactically, with effective
- Highly trustworthy; leads by example.
ALSAC is an equal employment opportunity employer.
ALSAC does not discriminate against any individual with regard to
race, color, religion, sex, national origin, age, sexual
orientation, gender identity, transgender status, disability,
veteran status, genetic information or other protected status.Apply
Keywords: ALSAC, Memphis , Architect, Information Security, Other , Memphis, Tennessee
Didn't find what you're looking for? Search again!