As an Information Security Architecture Consultant, you will join a diverse team of technical experts in building a world-class security technical advisory and thought-leadership organization.
The Information Security Architecture Consultant serves as an internal security consultant from the Corporate Information Security (CIS) department to other Client Business Units, providing information security direction to these internal customers; enabling the business to rapidly innovate and deploy services while minimizing risks to the Brand.
This internal consulting focuses on the areas of Security Architecture, Cloud Security, Risk and Compliance, Secure Development Lifecycle Management, Application Security (WWW and Mobile) and Business to Business Security. We work under a center-led business-partner model, and as such, strong communication, leadership and problem-solving skills are a must.
· Consult with both technology and business teams to identify priorities and security
· capability requirements and incorporate these requirements into the security strategy.
· Reference direction set by the Corporate Information Security team (CIS) and the technology teams
· Drive consumption and adoption of the existing CIS security services
· Evaluate and recommend activities to support Client Information Security Program
· Coordinate with cross functional teams for alignment and establish practices for validation of controls throughout the design and delivery lifecycle.
· Facilitate business & technology risk decisions
· Apply the security control standards and practices to be embedded within each system and environment
· Provide critical input and guidance to ensure that Client’s Business is aligned appropriately with Corporate Information Security when considering key priorities such as business requirements, industry threat landscape, and risk appetite of Client, Inc.
· Work closely with Client Business end-to-end in releasing secure and compliant infrastructure, applications and experiences at the speed of business.
· Partner with business and technology to provide expert security guidance into design and implementation of Client’s Business capabilities.
· Ability to work on site full time is required.
Successful candidates will accomplish these responsibilities by:
· Leveraging your broad IT and Information Security skills and experience to advise and consult with internal customers.
· Effectively communicating & influencing at the program management, technical lead, and senior leadership levels.
· Partner with business and technology to provide expert security guidance into design and implementation of enterprise capabilities.
· Consult with both technology and business teams to identify priorities and security capability requirements and incorporate these requirements into the security strategy.
· Work closely with different work streams end-to-end in releasing secure and compliant infrastructure, applications and experiences at the speed of business.
· Good understanding of business requirements, industry threat landscape, and business risk appetite.
· Communication skills:
o Strong technical knowledge and confidence in communicating with both highly technical audiences and non-highly technical audiences.
o Strong written and verbal communication skills and an ability to communicate across all areas and levels of the business and to comprehend complex business initiatives.
o Ability to adjust communication style and approach, from strategic leadership to highly technical audiences.
o Proven ability to pull a diverse group of individuals with different goals together and facilitate productive discussions driving towards results.
· Technical skills:
o Excellent analytical and problem-solving skills; proven experience in identifying solutions for complex problems.
o Motivated self-starter who is has a track record of taking ownership of information security challenges and driving them to resolution.
o Proven ability to work within a matrixed organization to influence and drive results.
o Experience with cloud services highly beneficial: AWS, Azure, SAP.
o Bachelor's degree in Computer Science or Business Information Management or equivalent work experience.
o Minimum 5 years' experience in information security or information technology disciplines.
o CISSP, CISM, CISA, CRISC, SANS or related certifications strongly preferred but equivalent knowledge will be considered.
o Ability to work on site full time is required.