• The Senior Information Security Architect will be a key member of the newly formed Information Security team. • This individual will actively contribute to the development of the information security strategy. • He/she will provide expertise and support to the Chief Information Security Officer of the agency. • This candidate will contribute to all aspects of the Information Security Program including engineering, operations governance and incident response.
• Review and document technical requirement to comply with Citywide Cybersecurity Policies and Standards • In collaboration with the CISO and IT team develop the agency information security strategy and key initiative • Identify objectives & key performance indicators for each initiative’s success • Develop budget & resource requirement and execution plans for key cybersecurity initiatives • Lead key initiatives working with IT teams, third parties and key stakeholders to deliver the intended • Provide technical expertise for security projects • Lead user security awareness program • Assist in identity governance program • Provide guidance to improve SDLC security • Lead vulnerability patching processes and provide risk assessment and prioritization • Provide risk assessment for key applications • Guide the organization change management process to ensure changes related to improving data security are accepted and adapted by the organization and key stakeholders
• Minimum of 4 -6 years of experience in information security architecture or engineering. • Excellent verbal and written communications skills • Ability to create executive contents and presentation with impactful messaging • Bachelor’s or master’s degree in computer science preferably with a focus on Cybersecurity. • Professional information security certifications such as the CISSP-ISSAP, AWS Solution Architect + Security or Azure Solutions Architect • Must have strong working knowledge of security controls for on-premises and cloudbased computing services including AWS or Azure. • Strong knowledge of common information security frameworks, including CIS Top 20 Controls, ISO 27001, and NIST 800-53 Series. • Organization change management. experienceISACA, CISSP, CISM or cloud security certification is plus point