Zones, Inc
IT Security Architect Lead
Zones, Inc, Stamford, Connecticut, United States, 06925
Position Details:Term:
6 months contract-to-hire with our client in the Insurance industryLocation:
remote - prefer candidates based in greater Stamford CT regionHours:
Mon-Friday 8-5pm ET
Role Overview:The Information Security Architecture & Engineering Lead is a member of the IT Security Team who leverages extensive experience in Information Systems and Cloud technologies to develop strategies and solutions that support the business and protect against threats over the long term. The candidate must have a strong hands-on technical background and should enjoy researching, designing, and implementing secure modern solutions with Azure paradigms and facilities. The candidate must be highly collaborative and is expected to mentor and partner with other teams on a regular basis.
What you'll do as the IT Security Architect Lead:Leads the Security Architecture and Engineering practice.Strong conceptual thinking and communication skills - the ability to translate complex business and technical requirements into effective and comprehensible solutions.Applies strong logic and principles-based reasoning to define solutions and justify proposals.Contributes to the development and maintenance of the information security strategy.Works closely with other IT architects and staff to ensure that security is appropriately addressed in the definition, design, implementation, and operation of all IT services, systems, and platforms.Researches, designs, and advocates new technologies, architectures, and solutions supporting security requirements of the enterprise, its customers, business partners, and vendors.Maintains deep expertise in the growing body of IT security vulnerabilities, threats, exploits, and mitigations.Plays a lead role in the definition and implementation of security initiatives.Serves as a lead engineer supporting security platforms and services.Acts as a key member of the Gen Re CSIRT.
What you'll bring to the table:Bachelor's or master's degree in computer science, information systems, or other related field, or equivalent work experience.Professional security management certification, such as ISC(2) Certified Information Systems Security Professional (CISSP), SANS GIAC Information Security Professional (GISP), GIAC-Security Expert (GSE), or GIAC Certified Enterprise Defender (GCED).Extensive expertise in NIST and ISO 27001 security practice frameworks.Extensive hands-on experience with security infrastructures (e.g. Firewalls, IDS/IPS, VPN, Web Content Filters, Proxies, DLP, SIEM, Log aggregation correlation technologies).Extensive hands-on experience operating one or more common IT infrastructures (Telecom, database, Windows and *NIX systems, virtualization platforms).Demonstrable experience securing and managing Cloud infrastructures (e.g. Azure, Kubernetes).Proficiency with scripting/programming languages (e.g. Python, PowerShell).Expertise with enterprise identity and namespace services (e.g. Active Directory, LDAP, DNS, OAuth, SAML).Expertise with enterprise certificate management and PKI services.Familiarity with the benefits and risks of AI/ML with respect to Security.Familiarity with U.S. and international Data Privacy and Security regulations and best practices (NYDFS, GDPR, etc.).Familiarity with a relevant enterprise architecture methodology (e.g. Zachman Framework, TOGAF, SABSA).Exceptional diplomacy and ability to receive and communicate constructive criticism/areas needing improvement to the development team and explain why compliance to standards is needed.The following are not essential, but are highly valued:
Professional experience in application or infrastructure penetration testing.Demonstrable expertise with configuration automation practices and toolchains (e.g. Chef, Ansible, etc.).
Benefits:While we’re committed to providing top-tier solutions, we’re just as committed to supporting our own team. Our employees enjoy a variety of comprehensive benefits, including medical/dental/vision coverage, life insurance, a 401(k) plan with matching provision, paid time off, and much more. As a Minority Business Enterprise, a Corporate Plus member of the Northwest Minority Supplier Development Council, and an Equal Employment Opportunity Employer, our community is just as diverse.
At Zones, work is more than a job – with exciting careers with a global team who are client-centric, have a passion for tech, who embrace change and lifelong learning in a collaborative culture. If you’re interested in working on the cutting edge of IT innovation, sales, engineering, operations, administration, and more, Zones is the place for you!
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, or on the basis of disability.#J-18808-Ljbffr
6 months contract-to-hire with our client in the Insurance industryLocation:
remote - prefer candidates based in greater Stamford CT regionHours:
Mon-Friday 8-5pm ET
Role Overview:The Information Security Architecture & Engineering Lead is a member of the IT Security Team who leverages extensive experience in Information Systems and Cloud technologies to develop strategies and solutions that support the business and protect against threats over the long term. The candidate must have a strong hands-on technical background and should enjoy researching, designing, and implementing secure modern solutions with Azure paradigms and facilities. The candidate must be highly collaborative and is expected to mentor and partner with other teams on a regular basis.
What you'll do as the IT Security Architect Lead:Leads the Security Architecture and Engineering practice.Strong conceptual thinking and communication skills - the ability to translate complex business and technical requirements into effective and comprehensible solutions.Applies strong logic and principles-based reasoning to define solutions and justify proposals.Contributes to the development and maintenance of the information security strategy.Works closely with other IT architects and staff to ensure that security is appropriately addressed in the definition, design, implementation, and operation of all IT services, systems, and platforms.Researches, designs, and advocates new technologies, architectures, and solutions supporting security requirements of the enterprise, its customers, business partners, and vendors.Maintains deep expertise in the growing body of IT security vulnerabilities, threats, exploits, and mitigations.Plays a lead role in the definition and implementation of security initiatives.Serves as a lead engineer supporting security platforms and services.Acts as a key member of the Gen Re CSIRT.
What you'll bring to the table:Bachelor's or master's degree in computer science, information systems, or other related field, or equivalent work experience.Professional security management certification, such as ISC(2) Certified Information Systems Security Professional (CISSP), SANS GIAC Information Security Professional (GISP), GIAC-Security Expert (GSE), or GIAC Certified Enterprise Defender (GCED).Extensive expertise in NIST and ISO 27001 security practice frameworks.Extensive hands-on experience with security infrastructures (e.g. Firewalls, IDS/IPS, VPN, Web Content Filters, Proxies, DLP, SIEM, Log aggregation correlation technologies).Extensive hands-on experience operating one or more common IT infrastructures (Telecom, database, Windows and *NIX systems, virtualization platforms).Demonstrable experience securing and managing Cloud infrastructures (e.g. Azure, Kubernetes).Proficiency with scripting/programming languages (e.g. Python, PowerShell).Expertise with enterprise identity and namespace services (e.g. Active Directory, LDAP, DNS, OAuth, SAML).Expertise with enterprise certificate management and PKI services.Familiarity with the benefits and risks of AI/ML with respect to Security.Familiarity with U.S. and international Data Privacy and Security regulations and best practices (NYDFS, GDPR, etc.).Familiarity with a relevant enterprise architecture methodology (e.g. Zachman Framework, TOGAF, SABSA).Exceptional diplomacy and ability to receive and communicate constructive criticism/areas needing improvement to the development team and explain why compliance to standards is needed.The following are not essential, but are highly valued:
Professional experience in application or infrastructure penetration testing.Demonstrable expertise with configuration automation practices and toolchains (e.g. Chef, Ansible, etc.).
Benefits:While we’re committed to providing top-tier solutions, we’re just as committed to supporting our own team. Our employees enjoy a variety of comprehensive benefits, including medical/dental/vision coverage, life insurance, a 401(k) plan with matching provision, paid time off, and much more. As a Minority Business Enterprise, a Corporate Plus member of the Northwest Minority Supplier Development Council, and an Equal Employment Opportunity Employer, our community is just as diverse.
At Zones, work is more than a job – with exciting careers with a global team who are client-centric, have a passion for tech, who embrace change and lifelong learning in a collaborative culture. If you’re interested in working on the cutting edge of IT innovation, sales, engineering, operations, administration, and more, Zones is the place for you!
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, or on the basis of disability.#J-18808-Ljbffr