Security Architect
Security Architect
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Job Role: Security Architect
Location: Washington DC (Hybrid role)
Duration: 6 months contract role
Essential Job Functions:
Experienced IT professional establishing the direction for enterprisewide projects and contributing to strategies plans and policies related to security risk management and/or compliance.
Consults to project teams where significant risk security and compliance issues are involved including those that have not been encountered before and/or have broad implications for the enterprise.
Empowered to make decisions at the enterprise level which can impact all ITS and WBG functions independently with limited work direction.
Takes a lead role in developing the risk management security and/or compliance plan for a project ensuring design is compliant with policy operational requirements and within defined risk appetite.
Creates advisory documents or project artifacts in standard situations; identifies root causes of risk security and/or compliance incidents that arise and directs the resources necessary to resolve them.
Conduct risk security and compliance audits /assessments and define strategies to address identified issues and prioritize risk treatment options to manage risk within defined appetites.
Monitors emerging trends in IT security risk management and compliance and makes recommendations to management.
Assist with the establishment and maintenance of a framework to provide assurance that internal controls and processes meet best practice and audit requirements.
Designs controls standards and key risk and performance indicators. Educates colleagues in their area(s) of expertise and assists in the development of awareness and compliance training programs.
Provides technical expertise on the administration of tools relates to their area(s) of expertise.
Provides guidance to project teams on security/ risk management /compliance issues; ensures that project plans / technology initiatives are compliant. Resolves project problems related to their area(s) of expertise.
Provides technical guidance and mentorship to team members.
Leads programs to enhance security/compliance/risk awareness across the WBG
Develops innovative solutions contributes new insights to understand situations and develops solutions to resolve complex problems. Identifies and pursues innovative approaches to resolve issues.
Participates in the evaluation of emerging technologies that are new to the information systems industry. Applies knowledge across WBG to strengthen solutions for internal and/or external clients.
Must Have:
Experience with enterprise security architecture design and implementation for a financial services organization or other organizations with similar information security needs and requirements.
Demonstrated handson experience with Infrastructure as Code (IaaC) including specific examples of automating and managing infrastructure through code in previous roles.
Proven knowledge and application of Artificial Intelligence Machine Learning and Generative AI with real life solutions of using these technologies to address complex challenges.
Extensive experience in API security successful implementation of robust security practices and protocols to ensure the protection and integrity of APIs.
Familiar with Microsoft Azure and Office 365 technology platforms applications and security controls for such Microsoft technologies.
Familiar with Agile practice at an enterprise scale. Familiar with Scaled Agile Framework (SAFe) is a plus.
Selection Criteria:
Masters degree with 8 years relevant experience or bachelors degree with a minimum of 10 years relevant experience. Sample degrees: Computer Science Information Management and Information Systems.
Experience in providing guidance for application security risk assessment and data protection based on data sensitivity and associated business risks.
Experience with enterprise security architecture design and implementation for a financial services organization or other organizations with similar information security needs and requirements.
Demonstrated handson experience with Infrastructure as Code (IaaC) including specific examples of automating and managing infrastructure through code in previous roles.
Proven knowledge and application of Artificial Intelligence Machine Learning and Generative AI with real life solutions of using these technologies to address complex challenges.
Extensive experience in API security successful implementation of robust security practices and protocols to ensure the protection and integrity of APIs.
Familiar with Microsoft Azure and Office 365 technology platforms applications and security controls for such Microsoft technologies.
Familiar with Agile practice at an enterprise scale. Familiar with Scaled Agile Framework (SAFe) is a plus.
Experience guiding project team remediating common application vulnerabilities.
Certification Requirements:
Certified Information Systems Security Professional (CISSP) is a plus.
GCP AWS or Microsoft Certified Cloud Solution Architect certification is a plus.
Required Skills/Abilities:
Extensive knowledge of IT enterprise architecture software development life cycle and information security platforms and applications.
Work independently with minimal supervision and ability to work well under pressure and meet tight deadlines.
Handson experience with Infrastructure as Code (IaaC) demonstrating proficiency in automating and managing infrastructure through code.
Extensive knowledge of Artificial Intelligence Machine Learning and Generative AI is essential with the ability to apply these technologies to solve complex problems.
Strong experience in API security is required ensuring the protection and integrity of APIs through robust security practices and protocols.
Excellent written and verbal communication skills.
Solid understanding of security protocols cryptography authentication authorization.
Solid understanding of DevSecOps InfrastructureasCode Policyascode.
High level of motivation confidence integrity and responsibility.
Knowledge of best practices and standards for enterprise security architecture specifically in the field of Identity & Access Management Enterprise Content Management Collaboration Tools ServiceOriented Architecture Cloud Mobility Data Analytics and Web 2.0 related services.
Practical knowledge of common Web vulnerabilities as per SANS 25 or OWASP Top 10 specifications.
Excellent interpersonal skills including the ability to work independently and effectively in a team/task force as a team member or leader and with senior staff and managers in the unit and elsewhere in the WBG.
Ability to collaborate with senior management stakeholders to identify requirements and drive compliance with approved standards.
Please send your resumes to:
Employment Type
Full Time
