NR Consulting
NR Consulting is hiring: Security Architect in New Haven
NR Consulting, New Haven, CT, United States
Overview
As the Information Security Architect, you will play a vital role in ensuring the confidentiality, integrity, and availability of our organization's information assets. You will be responsible for designing and implementing secure solutions that align with our business objectives, regulatory requirements, and industry best practices. Collaborating closely with cross-functional teams, you will assess risks, develop security strategies, and lead the implementation of robust security architectures. In this role, you will have the opportunity to apply your deep knowledge of information security principles, technologies, and frameworks to enhance the overall security posture of our organization. Your expertise will guide the design and implementation of secure systems, networks, and applications while ensuring that security controls are integrated seamlessly into our technology landscape. Additionally, you will be part of the organization's architectural community, partnering closely with other architects and a member of the design authority.
Core Responsibilities
Develop and implement comprehensive security architectures, frameworks, and strategies to protect our organization's information assets, both on-prem and in public cloud.
Collaborate with stakeholders to understand business requirements and translate them into effective security controls and measures.
Conduct risk assessments and vulnerability assessments to identify security gaps and recommend remediation actions.
Participate in DevOps model for code review, SDLC, API's, and the overall secure deployment of code.
Design and review security controls for systems, networks, and applications, ensuring they are aligned with industry standards and regulatory requirements.
Lead the evaluation and selection of security technologies, tools, and services to support the organization's security objectives.
Stay current with emerging threats, vulnerabilities, and industry trends, and provide guidance on their potential impact and mitigation strategies.
Work closely with cross-functional teams to integrate security requirements into the software development lifecycle, infrastructure projects, and operational processes.
Provide guidance and support to the incident response team during security incidents, conducting forensic investigations as necessary.
Stay informed about the latest developments in security standards, frameworks, and best practices, and recommend improvements to enhance the overall security posture.
Partner with other Architects and participate in Design Authority committee.
Skills Qualifications
Required:
In-depth knowledge of information security principles, practices, and frameworks (e.g., ISO 27001, NIST Cybersecurity Framework).
Strong technical background as an Engineer or similar function. With working experience in networking protocols, infrastructure systems, cloud, authentication standards, security technologies, & encryption methods.
Proficiency in conducting risk assessments, vulnerability assessments, and threat modeling.
Working experience with cloud security architecture and related technologies (e.g., AWS, Azure).
Experience in designing and implementing secure solutions for web applications, mobile applications, and network infrastructure.
Strong analytical and problem-solving skills, with the ability to balance security requirements with business objectives.
Excellent communication and interpersonal skills, with the ability to effectively convey complex security concepts to technical and non-technical stakeholders.
Exposure to business applications such as ERP, DXP and CRM systems
Strong attention to detail, along with solid organizational and time management skills. Can prioritize and meet deadlines.
Education
Required:
Bachelor's degree in computer science, Information Security, or a related field (or equivalent work experience).
Certifications are not required, but a plus. Azure, AWS or other cloud security certifications. Other security related certifications such as CISSP, CISM, GSEC, or SSCP.
10+ years overall industry experience with at least five years of proven experience as an Information Security Architect or Engineer.
As the Information Security Architect, you will play a vital role in ensuring the confidentiality, integrity, and availability of our organization's information assets. You will be responsible for designing and implementing secure solutions that align with our business objectives, regulatory requirements, and industry best practices. Collaborating closely with cross-functional teams, you will assess risks, develop security strategies, and lead the implementation of robust security architectures. In this role, you will have the opportunity to apply your deep knowledge of information security principles, technologies, and frameworks to enhance the overall security posture of our organization. Your expertise will guide the design and implementation of secure systems, networks, and applications while ensuring that security controls are integrated seamlessly into our technology landscape. Additionally, you will be part of the organization's architectural community, partnering closely with other architects and a member of the design authority.
Core Responsibilities
Develop and implement comprehensive security architectures, frameworks, and strategies to protect our organization's information assets, both on-prem and in public cloud.
Collaborate with stakeholders to understand business requirements and translate them into effective security controls and measures.
Conduct risk assessments and vulnerability assessments to identify security gaps and recommend remediation actions.
Participate in DevOps model for code review, SDLC, API's, and the overall secure deployment of code.
Design and review security controls for systems, networks, and applications, ensuring they are aligned with industry standards and regulatory requirements.
Lead the evaluation and selection of security technologies, tools, and services to support the organization's security objectives.
Stay current with emerging threats, vulnerabilities, and industry trends, and provide guidance on their potential impact and mitigation strategies.
Work closely with cross-functional teams to integrate security requirements into the software development lifecycle, infrastructure projects, and operational processes.
Provide guidance and support to the incident response team during security incidents, conducting forensic investigations as necessary.
Stay informed about the latest developments in security standards, frameworks, and best practices, and recommend improvements to enhance the overall security posture.
Partner with other Architects and participate in Design Authority committee.
Skills Qualifications
Required:
In-depth knowledge of information security principles, practices, and frameworks (e.g., ISO 27001, NIST Cybersecurity Framework).
Strong technical background as an Engineer or similar function. With working experience in networking protocols, infrastructure systems, cloud, authentication standards, security technologies, & encryption methods.
Proficiency in conducting risk assessments, vulnerability assessments, and threat modeling.
Working experience with cloud security architecture and related technologies (e.g., AWS, Azure).
Experience in designing and implementing secure solutions for web applications, mobile applications, and network infrastructure.
Strong analytical and problem-solving skills, with the ability to balance security requirements with business objectives.
Excellent communication and interpersonal skills, with the ability to effectively convey complex security concepts to technical and non-technical stakeholders.
Exposure to business applications such as ERP, DXP and CRM systems
Strong attention to detail, along with solid organizational and time management skills. Can prioritize and meet deadlines.
Education
Required:
Bachelor's degree in computer science, Information Security, or a related field (or equivalent work experience).
Certifications are not required, but a plus. Azure, AWS or other cloud security certifications. Other security related certifications such as CISSP, CISM, GSEC, or SSCP.
10+ years overall industry experience with at least five years of proven experience as an Information Security Architect or Engineer.