Enterprise Security Architect position at Bellevue, WA. Hands-on experience supporting network, operating system, database, application & data layers across multiple platforms and technologies. Ability to assess risks and provide innovative countermeasures and solutions.
Requirements
- Act as a trusted technical advisor with key security stakeholders at all levels of the organization
- Hands-on experience supporting network, operating system, database, application & data layers across multiple platforms and technologies
- Ability to assess risks and provide innovative countermeasures and solutions that appropriately balance security and business requirements
- Ability to consult internally with Sr. Engineers (Application, Network, DevOps) to apply security principles and best practices that meet business objectives
- Experience controlling the threat surface area, identifying attack vectors, vulnerabilities and establishing appropriate controls
- Evaluation & assessment of compliance to a regulation, law or policy using industry standard methodologies (ISO27001, COBIT, NIST, etc.) in an enterprise environment
- Ability to evaluate, recommend, and implement commercial hardware and software security products to augment and enhance the Company enterprise security program
- Ability to learn a new technology and drive it from ideation through deployment and integration to fully automated and operationalized
- Ability to automate basic integration, data collection, scripting and reporting tasks via secure coding standards
- Ability to work on multiple tasks simultaneously, set priorities, communicate delivery expectations, and meet deadlines
- Innovative, collaborative and able to solve problems independently
- Able to work within the team to build measurable, repeatable processes
- Strong verbal and written communication skills
- 5+ years of IT infrastructure proficiency and experience that could include one or more of: Encryption, Tokenization, Forensics/eDiscovery, Penetration Testing, Firewalls (OS, WAF), Proxies, Gateways, Routers, VPN, Application Security SAST/DAST, etc.
- 5+ years information security experience preferred
- Proven ability to assess and influence capital project design and delivery decisions
- Proven ability to assess, recommend, deploy and integrate Information Security tools
- Foundational understanding of several enterprise environment technologies
- Working knowledge and experience in multiple ISC2 security domains
- Familiarity with current legal and regulatory requirements around information security and privacy, including PCI, SOX, HIPAA, GLBA, etc
- Ethical Penetration Testing experience preferred