INSPYR Solutions
Enterprise Security Architect
INSPYR Solutions, Milwaukee, Wisconsin, United States, 53244
Title: Enterprise Security ArchitectLocation: Milwaukee, WIDuration: Direct HireCompensation: $135,000 - $155,000Work Requirements: U.S. Citizens, GC Holders or Authorized to Work in the U.S.
Skillset/Experience
Summary:The Enterprise Security Architect will design, implement, and maintain our security architecture while developing, reviewing, and guiding information security solutions across all business units, collaborating with stakeholders and teams throughout the organization. This role is responsible for guiding information security controls into business and technology processes, overseeing threat modeling products and services, identifying and remediating risks for externally sourced and internally developed software, and partnering with development teams to implement secure software development practices.Responsibilities: Plan, research, and design comprehensive security architecture for enterprise Technology Services systems, aligning with business strategies and requirements.Define security (functional and non-functional) requirements aligned with business objectives.Work with stakeholders to select, evaluate, design, and document enterprise security solutions.Support the development of security standards, reference architectures, patterns, and guidelines for consistent security posture.Assess the effectiveness of security controls (data protection, identity and access management (IAM), detective controls, infrastructure/network security, incident response) and drive implementation of appropriate controls, processes, and remediation of non-compliance.Research and advocate new technologies, architectures, and security products to enhance the organization's security maturity roadmap.
Act as a subject matter expert for security design, configurations, baselines, and technical standards.Stay informed about emerging security practices and standards.Respond to and investigate security incidents, providing thorough post-event analyses.Verify security systems through the development and implementation of test scripts.
Conduct regular security testing, monitoring, and implements necessary enhancements to maintain a strong security posture.Collaborate with senior leadership to define security requirements, effectively communicate results, and assess security risks.
Enhance the Security team's capabilities of delivering solutions and answering technical questions.Make business decisions that are financially responsible, accountable, justifiable, and defensible in accordance with organization policies and procedures.Perform other position-related duties as assigned.
Qualifications: Bachelor's degree in computer science, technology services, or a related field
Eight years or more of work experience designing and building enterprise-level security architecture and engineering environmentsExperience working with cloud security architectures (Azure, AWS)Experience working with advanced security controls and technologies (e.g., SIEM, CASB, Data Loss Prevention (DLP))Experience integrating security throughout the software development lifecycle (SDLC).Experience with secure architecture principles, secure SDLC, and security device management (installation, configuration, troubleshooting)Experience working with and resolving network attacks, phishing, spam email, encryption, authentication, logging and log analysis, and device reputationExperience securing application programming interfaces (APIs) to prevent unauthorized access and data breachesExperience designing architectural reference materialsExperience working with incident response planning and executionExperience working with security testing (scanning, pen testing, blue/red team activities)Experience working with common industry standards (ISO27001/2, NIST, COBIT, CIS) and regulatory standards (SOX, PCI, GDPR, CCPA)Experience conducting security risk assessments, business impact analysis (BIA), and business continuity planning (BCP)Experience working in technology rationalization, assessments, and strategy development within cybersecurity contextsExperience identifying security weaknesses and recommending remediation using industry best practicesExperience building test environments to simulate real-world security situationsExperience securing cloud containers and serverless functionsExperience working with Secure Access Service Edge (SASE)Experience working with Identity Governance and Administration (IGA).Experience implementing Zero Trust securityKnowledge of the latest cybersecurity threats and defense mechanismsKnowledge of data security techniques and best practices for protecting data at rest, in transit, and in useKnowledge of IAM, access control models, authentication methods, and authorization principlesKnowledge of application security, including secure coding practices, vulnerability assessments, and penetration testing methodologiesKnowledge of encryption algorithms, key management practices, and data protection
Required Certifications: Certified information systems security professional (CISSP) certificationCertified Information Security Manager (CISM) certificationCertified ethical hacker (CEH) certification
Preferred Qualifications: Experience mentoring and leading security teamsExperience managing the budget for a security teamExperience working with python and scripting languagesKnowledge of current and emerging security threats
About INSPYR Solutions
Technology is our focus and quality is our commitment. As a national expert in delivering flexible technology and talent solutions, we strategically align industry and technical expertise with our clients’ business objectives and cultural needs. Our solutions are tailored to each client and include a wide variety of professional services, project, and talent solutions. By always striving for excellence and focusing on the human aspect of our business, we work seamlessly with our talent and clients to match the right solutions to the right opportunities. Learn more about us at inspyrsolutions.com.
INSPYR Solutions provides Equal Employment Opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, INSPYR Solutions complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities.
Skillset/Experience
Summary:The Enterprise Security Architect will design, implement, and maintain our security architecture while developing, reviewing, and guiding information security solutions across all business units, collaborating with stakeholders and teams throughout the organization. This role is responsible for guiding information security controls into business and technology processes, overseeing threat modeling products and services, identifying and remediating risks for externally sourced and internally developed software, and partnering with development teams to implement secure software development practices.Responsibilities: Plan, research, and design comprehensive security architecture for enterprise Technology Services systems, aligning with business strategies and requirements.Define security (functional and non-functional) requirements aligned with business objectives.Work with stakeholders to select, evaluate, design, and document enterprise security solutions.Support the development of security standards, reference architectures, patterns, and guidelines for consistent security posture.Assess the effectiveness of security controls (data protection, identity and access management (IAM), detective controls, infrastructure/network security, incident response) and drive implementation of appropriate controls, processes, and remediation of non-compliance.Research and advocate new technologies, architectures, and security products to enhance the organization's security maturity roadmap.
Act as a subject matter expert for security design, configurations, baselines, and technical standards.Stay informed about emerging security practices and standards.Respond to and investigate security incidents, providing thorough post-event analyses.Verify security systems through the development and implementation of test scripts.
Conduct regular security testing, monitoring, and implements necessary enhancements to maintain a strong security posture.Collaborate with senior leadership to define security requirements, effectively communicate results, and assess security risks.
Enhance the Security team's capabilities of delivering solutions and answering technical questions.Make business decisions that are financially responsible, accountable, justifiable, and defensible in accordance with organization policies and procedures.Perform other position-related duties as assigned.
Qualifications: Bachelor's degree in computer science, technology services, or a related field
Eight years or more of work experience designing and building enterprise-level security architecture and engineering environmentsExperience working with cloud security architectures (Azure, AWS)Experience working with advanced security controls and technologies (e.g., SIEM, CASB, Data Loss Prevention (DLP))Experience integrating security throughout the software development lifecycle (SDLC).Experience with secure architecture principles, secure SDLC, and security device management (installation, configuration, troubleshooting)Experience working with and resolving network attacks, phishing, spam email, encryption, authentication, logging and log analysis, and device reputationExperience securing application programming interfaces (APIs) to prevent unauthorized access and data breachesExperience designing architectural reference materialsExperience working with incident response planning and executionExperience working with security testing (scanning, pen testing, blue/red team activities)Experience working with common industry standards (ISO27001/2, NIST, COBIT, CIS) and regulatory standards (SOX, PCI, GDPR, CCPA)Experience conducting security risk assessments, business impact analysis (BIA), and business continuity planning (BCP)Experience working in technology rationalization, assessments, and strategy development within cybersecurity contextsExperience identifying security weaknesses and recommending remediation using industry best practicesExperience building test environments to simulate real-world security situationsExperience securing cloud containers and serverless functionsExperience working with Secure Access Service Edge (SASE)Experience working with Identity Governance and Administration (IGA).Experience implementing Zero Trust securityKnowledge of the latest cybersecurity threats and defense mechanismsKnowledge of data security techniques and best practices for protecting data at rest, in transit, and in useKnowledge of IAM, access control models, authentication methods, and authorization principlesKnowledge of application security, including secure coding practices, vulnerability assessments, and penetration testing methodologiesKnowledge of encryption algorithms, key management practices, and data protection
Required Certifications: Certified information systems security professional (CISSP) certificationCertified Information Security Manager (CISM) certificationCertified ethical hacker (CEH) certification
Preferred Qualifications: Experience mentoring and leading security teamsExperience managing the budget for a security teamExperience working with python and scripting languagesKnowledge of current and emerging security threats
About INSPYR Solutions
Technology is our focus and quality is our commitment. As a national expert in delivering flexible technology and talent solutions, we strategically align industry and technical expertise with our clients’ business objectives and cultural needs. Our solutions are tailored to each client and include a wide variety of professional services, project, and talent solutions. By always striving for excellence and focusing on the human aspect of our business, we work seamlessly with our talent and clients to match the right solutions to the right opportunities. Learn more about us at inspyrsolutions.com.
INSPYR Solutions provides Equal Employment Opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, INSPYR Solutions complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities.