Role: Security Architect
Location: San Mateo. CA (Onsite)
Type: w2/Fulltime
Job Description:
- Minimum 12 years experience in Information Security Technology
- Assist Client to define Security requirements based upon Business needs and their Information Security Policy
- Good Understanding of IT security policy procedure design and implementation
- Assist Client to define Security requirements based upon Business needs and their Information Security Policy
- Evaluate the organizations information security policies and ensure that they meet industry requirements
- Define governance structure for the organization s polices
- Develop required process to support the policy implementation
- Develop policies and procedures and performance metrics to evaluate the policy implementation
- Review Policy Controls & Known gaps
- Review Infrastructure Layout & Risk Profiling
- Ensure and enforce security controls in the area of Networks and Applications to drive policy compliance and risk mitigation.
- Controlling and managing access rights to the information system and assets that manage these information repositories
- Escalating and reporting to CERT/CISO
- Provide Evaluation which includes supporting internal audits and evaluating Security Incidents
- Perform evidence gathering to validate compliance as requested and report audit results to appropriate Client oversight bodies
- Deep knowledge of Governance and audit
- Experience with implementation of corrective action programs
- Good Understanding of IT security policy procedure design and implementation.
- Extensive Knowledge on security models such as ITIL ISO27002SOX PCI DSS and Cobit 5
- Undertaking risk classifications and registration in line with the core business principles and policies
- Ensure and enforce security controls in the area of Networks and Applications to drive policy compliance and risk mitigation.
- Securityrelated Incident handling and registration
- Escalating and reporting to CERT/CISO
- Provide Evaluation which includes supporting internal and external audits and evaluating Security Incidents
- Perform evidence gathering to validate compliance as requested by Client and report audit
- Maintain documentation required for security assessments audits and internal control and control testing.
- Develop appropriate security controls for unauthorized external access