Information Security Architect

Information Security Architect | 100% Remote Opportunity 

General Summary:

This role will maintain and direct comprehensive information security architecture to optimize the information security posture of the company and responsible for leading, developing and implementing enterprise security architectures and solutions to ultimately improve risk posture, and ensure compliance with various privacy and/or regulatory compliance requirements. The role will be responsible for conducting design and engineering of security architecture solutions that contribute to maintaining the confidentiality, integrity and availability of information assets.

Essential Duties and Responsibilities:

• Integrate industry knowledge with business knowledge to develop security strategies for the enterprise.
• Direct the growth of the security program, including awareness, policies, procedures and standards.
• Mange and/or providing oversight for security implementation projects by business, IT and operations teams.
• Develop security technology roadmaps.
• Contribute input and guidance to the Vendor Management Team as it applies to Information Security controls.
• Participate as the key member of the Security Architecture function in architecture review boards.
  • Review project documentation and document necessary security controls and requirements or strategies to address information security needs for corporate applications, networks, mobility, data center and end users computing technologies, and oversee projects through the implementation phase.
• Review and refine the architecture of the defense-in-depth program and oversees the SDLC and/or PMO from a Security Architecture perspective.
• Lead activities in cybersecurity priorities in support of functional and organizational goals.
• Develop and maintain information security architecture artifacts (e.g., models, templates, standards, and procedures) that can be used to leverage security capabilities in projects and operations.
• Oversee policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies.
• Conduct long-range, strategic planning efforts with internal and external partners in cyber activities.
• Understand the opportunities and challenges facing the business, IT and operational groups.
  • Advise and help them understand and align with proposed security strategies, policies, and architectures while collaborating with those groups to support their implementation of those strategies, policies and architectures.
• Design and implement mechanisms to monitor adherence to strategies and policies.
• Serve as the subject matter expert on security technologies.
• Determine security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.
• Establish annual and long-range security and compliance goals, define security strategies, metrics, reporting mechanisms and program services; and create maturity models and a roadmap for continual program improvements.
• Ensure that Security controls meet the requirements of applicable regulatory requirements or contractual requirements; GLBA, state regulations (most importantly, 23-NYCRR-500), Sarbanes Oxley Act (SOX), etc.
• Serve as an active member of incident response teams and participates in security incident response efforts by having an in-depth knowledge of common security exploits, vulnerabilities and countermeasures. Act as a technical consultant on information security incident investigations, forensic technical analyses.
• Help incorporate good security practices into new solutions using industry standard methodologies, regulatory guidance, and polices.
• Communicate effectively at different levels within and outside the organization - leadership/management, business stakeholders, vendors and sourcing suppliers.
• Develop and fosters strategic relationships and establishes key organizational partnerships.
• Analyze and defines security requirements for networks, corporate applications/systems, end user computing, mobility, and data center technologies and solutions.
• Design security systems by evaluating security technologies; performs assessments of current security state, and acts as a primary liaison in assisting remediation efforts with the business and Information Technology.
• Other duties as assigned.

 Job Requirements:

• Minimum 6 years’ experience in technology and minimum 3 years’ experience in Information Security.
• 4-year degree in technical field.
• Master’s degree preferred.
• Certifications
  • Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM).
• Relevant Architecture Certification preferred
  • AWS Certified Solution Architect, The Open Group Certified Architect, Certified ISO 27001 Internal Controls Architect, etc.
• Understanding of enterprise risk management principles and processes.
• Experienced in controls management including ISO27000 and MITRE ATT&CK.

Salary Range:  $75,000 - $120,000 comprehensive benefits package and 401k Match (details discussed in the first interview). Please follow the link to our benefits page for details!  https://www.employers.com/careers/our-benefits-and-perks/

Work Environment/Physical Demands:

This role is REMOTE friendly, but only open to candidates currently located in the United States.  It requires a suitable space that provides a private and quiet workplace. This role potentially and will routinely use office equipment such as computers, phones, printers, and web conferencing technology as examples.   

• EXPECTED WORK HOURS: Schedules are set to accommodate the requirements of the position and the needs of the organization and may be adjusted as needed.
• TRAVEL: May be required to travel to off-site location(s) to attend meetings, as necessary
• This is largely a sedentary role; however, some mobility is required.
• May work early, late, or occasional weekend hours to accommodate business needs.
• Occasional lifting of a maximum of 30lbs.
• Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

About the Company:

EMPLOYERS is a dynamic, fast-growing provider of workers' compensation insurance and services, we are seeking a goal-oriented individual willing to put their ideas to work!

We offer a positive, challenging work environment, combined with an opportunity to build your career as you help us grow our business, in innovative and imaginative ways that are uniquely EMPLOYERS!

Headquartered in Nevada, EMPLOYERS attributes its long-standing success (100 years!) to its most valuable resource, our employees.  EMPLOYERS is known for the quality service and expertise we provide to our clients, and the exemplary work environment we provide for our employees.

We live and breathe our core values: Integrity, Customer Focus, Collaboration, Initiative, Accountability, Innovation, and Personal Fulfillment.  These are the pillars that support how we do business with our clients as well as how we treat each other.

At EMPLOYERS, you’ll discover an energetic environment that inspires top achievement.  As “America’s small business insurance specialist”, we have the resources, a solid reputation, and an expanding nationwide identity to enrich your work life and enhance your career. #LI-Remote LP22