The Enterprise Information Security Architect will apply a combination of business process analysis and technical knowledge to develop enterprise security architectural deliverables that identify and describe the relationships among functions, data, applications and technology at various levels.  The person will perform individual assignments and lead project teams composed of Business Analysts, Systems Engineers and Research Specialists, as well as analyze systems and technology integration requirements across multiple applications and organizations.  It is important that the candidate communicate and work closely with process and system owners, IT management, peers, and technical staff to ensure the relevance of the security architecture and system designs to business process requirements.  Additionally, the candidate will develop advanced enterprise wide security ideas and guide their development into a final product.

This position reports to the Director of Technology Architecture and will:

• Provide technical guidance and renders decisions regarding Security Technology designs and engineering.
• Act as an advisor to management and technology stakeholders on advanced Security research studies and applications.
• Maintain standards for system documentation.
• Develop and implement Enterprise-wide and cross-functional Security Solutions.
• Research and recommend new industry IT Security models, management strategies and effective resource utilization models.
• Monitor, benchmark and report progress and performance of Security systems management and service levels.
• Conduct security technology reviews and audits that ensure computer systems are built to security architecture principles, follow Enterprise standards and are optimized to maximum efficiency.
• Interface with external business partners, vendors and subcontractors on issues of interoperability.
• Promote technology security

Our client, a Leading NJ Health Insurance Provider, is looking for a dedicated Enterprise Information Security Architect to work and report directly to the Director of Technology Architecture.

Basic Qualifications:

• Bachelor’s degree in Information Technology or related discipline from an accredited college or university, advanced degree or other professional certification in Management Information Systems is preferred
• 10+ years of professional business experience in Security Architecture, including security with Applications, Infrastructure, external internet security, and Access and Identity Management
• Experience with information privacy and security laws (covering such items as data breaches, records management and structured/unstructured data)
• Must have prior hands on experience reviewing code designs from a security standpoint
• Prior experience with Single Sign on, as well as Internal and External Applications Security Assessment

• Demonstrated experience with Secure Development Lifecycle
• Demonstrated experience with defending OWASP Top Ten Attack types
• Must have prior experience with SSL, and can articulate what it can/cannot cover and why it’s important
• Experience with C, Python, Ruby, C++ or other relevant languages
• Demonstrated experience with Vulnerability assessments, penetration testing and experience fixing vulnerabilities.
• Experience with information privacy and security laws (covering such items as data breaches, records management and structured/unstructured data)
• Prior Data Encryption solutions experience
• Prior ITCAM/SOA experience

Additional Qualifications/Knowledge:

• Prefer 5+ years of management experience
• Experience working in the Healthcare industry or another controlled regulatory environment is preferred

Skills and Abilities

• Strong understanding of application security principles
• Ability to articulate the 3 components of AAA (AuthN, AuthZ and Audit)
• Strong understanding of TOGAF and can articulate it’s importance and relevance
• Strong project management and leadership skills
• Good vendor relationship management and negotiation skills
• Excellent presentation skills and able to speak in front of senior Executives
• Good interpersonal skills with the ability to interact with all levels of management and staff
• Good written communication skills