Information Security Architect

Duties & Responsibilities: 1. Systems Requirements Planning Develop and document secure system designs using principles such as Zero Trust and micro-segmentation to reduce cyber risk. Provide subject matter expertise to the Information Security Risk Management Team in assessing risks for new technologies or use cases. 2. Systems Security Architecture Serve as a security representative on technology project teams throughout the project lifecycle. Ensure that security controls are designed, implemented, and documented effectively. Advise on the criticality and remediation of known software and firmware vulnerabilities. Create and document solutions using a risk-based approach that balances business requirements, compliance needs, and cybersecurity risks based on the NIST Cyber Security Framework. Actively participate as a member of the Cyber Incident Response Team (CIRT). Design, document, build, implement, and support enterprise-class security tools and systems. Perform or oversee security assessments on critical infrastructure and applications. Explain complex technical topics to non-technical audiences effectively. 3. General Duties Continuously provide recommendations to enhance the security of user accounts, employee information, and constituent data. Communicate cybersecurity threats and strategies to mitigate risks effectively. Ensure compliance with enterprise security policies and standards. Participate in process improvement activities by providing documented security guidance and recommendations. Assist in creating and maintaining documented processes that apply security requirements from enterprise policies to Security Team operations. Respond professionally to inquiries from customers, vendors, and co-workers. Provide on-call support as required. Be available to drive a company or personal vehicle to assist during emergencies or events when needed. Qualifications: Bachelor’s degree or equivalent experience in computer, network, data, or cloud technologies. Comprehensive knowledge of all layers of the OSI model. Familiarity with security architecture frameworks. Current knowledge of the cyber threat landscape, vulnerability management, security monitoring, and security operations analytics. Proficiency in cybersecurity frameworks (e.g., NIST CSF, CIS 18). Proven ability to conduct risk assessments of applications, databases, and infrastructure. Strong verbal and written communication skills. Experience in creating and maintaining security-related documentation. Ability to work both independently and collaboratively in a team setting. Preferred Qualifications: Relevant certifications such as CISSP, CISSP-ISSAP, CISSP-ISSEP, CEH, Security (or equivalent).

Location: Boston, MA, US

Posted Date: 1/16/2025