Information Security Architect - Cloud & Application Platform

Joob Opening for Information Security Architect (Cloud & Application)

Key Responsibilities:

- Information Security Architect is a business-oriented information security engineering role who is a subject matter expert in Information Security who will design, develop, and maintain IT Security programs and processes for the platform and other applications.

- Supports executive strategies, and fundamentally ensures the security of the information is entrusted to protect.

- Conducts industry research on new and emerging security technologies and identifies approaches to improve upon existing processes and practices.

- Work directly with the business to facilitate security risk assessments and risk management processes.

- Engage in new and existing application projects to provide guidance and direction for all aspect of the SSDLC.

- Assist in the identification, prioritization, and remediation of application vulnerabilities.

- Solution compensating controls and mitigation strategies to reduce technical and business risk with regard to application security and data protection.

- Assist with other application security programs as needed.

- Research industry best practices and maintain technical expertise to remain relevant in the industry.

- Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems.

- Liaise with colleagues and stakeholders and navigate the system to continue with the IT deployment plan in place to achieve the business objectives

- Integrate security framework with Marsh McLennan policies

Ideal Candidate:

- Degree in business administration or a technology-related field required.

- Professional security management certification

- Minimum of 14 to 18 years of experience in a combination of risk management, information security and IT jobs

- Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST.

- Information security related certification like CISA/CISM/CISSP

- Excellent written and verbal communication skills and high level of personal integrity

- Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams

- Experience with contract and vendor negotiations and management including managed services.

- Specific experience in Agile (scaled) software development or other best in class development practices.

- Demonstrated experience with developing and implementing an information security awareness and training program

- Experience with Cloud computing/Elastic computing across virtualized environments