- The Senior Information Security Architect will be a key member of the newly formed Information Security team.
- This individual will actively contribute to the development of the information security strategy.
- He/she will provide expertise and support to the Chief Information Security Officer of the agency.
- This candidate will contribute to all aspects of the Information Security Program including engineering, operations governance and incident response.
- Review and document technical requirement to comply with Citywide Cybersecurity Policies and Standards
- In collaboration with the CISO and IT team develop the agency information security strategy and key initiative
- Identify objectives & key performance indicators for each initiative’s success
- Develop budget & resource requirement and execution plans for key cybersecurity initiatives
- Lead key initiatives working with IT teams, third parties and key stakeholders to deliver the intended
- Provide technical expertise for security projects
- Lead user security awareness program
- Assist in identity governance program
- Provide guidance to improve SDLC security
- Lead vulnerability patching processes and provide risk assessment and prioritization
- Provide risk assessment for key applications
- Guide the organization change management process to ensure changes related to improving data security are accepted and adapted by the organization and key stakeholders
- Minimum of 4 -6 years of experience in information security architecture or engineering.
- Excellent verbal and written communications skills
- Ability to create executive contents and presentation with impactful messaging
- Bachelor’s or master’s degree in computer science preferably with a focus on Cybersecurity.
- Professional information security certifications such as the CISSP-ISSAP, AWS Solution Architect + Security or Azure Solutions Architect
- Must have strong working knowledge of security controls for on-premise and cloudbased computing services including AWS or Azure.
- Strong knowledge of common information security frameworks, including CIS Top 20 Controls, ISO 27001, and NIST 800-53 Series.
- Organization change management experience
Special Requirements Information Security Certifications:
ISACA, CISSP, CISM or cloud security certification is plus point