SIGNATURE PERFORMANCE
Position Purpose:
The Information Security Architect will be responsible for developing and implementing security strategies and solutions to protect Signature's mission and objectives. The Architect will collaborate with IT counterparts within the organization to ensure information is secure and compliant with applicable security standards and requirements such as HIPAA, NIST, FIPS, FISMA, FedRAMP, and HITRUST. This individual will work to advance the security of Signature's products in the Cloud, on premise, and hybrid environments. This role has responsibility for security applications, processes, and configurations directly impacting Signature's security posture. As such, the Architect must effectively collaborate with various team members such as technology owners, compliance, legal and leadership teams.
Organization:
This position reports to the Director of Information Security.
Essential Job Functions include the following:
- Develop and enhance security policies and standards, based on sound security architecture practices.
- Consult with engineering, development, and business teams on the secure design of key IT system and infrastructure projects to ensure alignment with enterprise security architecture.
- Coordinate, review, and implement directives to maintain compliance with regulatory and security industry standards.
- Educate internal customers on security risk and best practices.
- Support the creation of reliable automated end-to-end security tests.
- Assess security risks, test systems and networks, and investigate and respond to security events.
- Analyze security needs and requirements of existing and proposed systems.
- Evaluate product business cases including functional and detailed design specs to ensure security standards are met.
- Report underlying security issues and propose enhanced security protections and/or mitigation controls
- Research new and emerging threats to ensure assessment methodology keeps pace with security trends.
- Perform analysis to validate established security requirements and to recommend additional security requirements and safeguards.
Knowledge & Experience:
- Must be able to qualify for a NACLC DoD Clearance.
- Bachelor's or graduate degree in computer science, engineering, information systems, or equivalent experience.
- Security-related certification such as ISSAP, CISSP, CISM, CEH, or CISA
- Eight (8)+ years work experience in information security and application development.
- Knowledge and expertise in current requirements supporting NIST, FIPS, Federal Information Security Management Act (FISMA), and other security standards and policies.
- Proficient knowledge of programming languages, database management, statistical analysis, and storage systems and management.
- Proficient knowledge of computer and network systems, security protocols, cryptography, and security software.
- Proficient level of understanding of vulnerability assessment scanning tools and reporting.
- Experience with software and systems such as GCIA and SIEM.
- Experience with computing and Cloud software and systems.
- Skilled in threat detection and network architecture.
- Skilled in technical writing including IT Security policies, procedures, reports, and architectural drawings.
General Areas of Accountability:
- Must conduct business and personal affairs in a manner that is always a credit to the company. Must maintain a good credit rating while employed with the company.
Machines and Equipment:
- The incumbent must be able to effectively operate the current computer system, telephone system, and other office machines such as copiers and fax machines.
Physical Activity:
- The incumbent must be able to finger, grasp, feel, see, sit, hear, and speak. This position is sedentary in nature with minimal lifting requirements.
Working Conditions:
- The incumbent works in an office environment that is not substantially exposed to adverse environmental conditions such as heat, cold, or extreme noise. Routine periods of being on the phone utilizing a headset, sitting and data keying are required.
- Remote Eligibility: This position is full-time remote eligible. Eligibility is determined by Management or Human Resources.
U.S. Citizenship is Required for All Positions and Work on All Positions Must Be Completed in the Continental United States, Alaska, or Hawaii.
The above statements are intended to describe the general nature of work being performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified.
U.S. Citizenship is Required for All Positions.
Work on All Positions Must Be Completed in the Continental United States, Alaska, or Hawaii.