Lighthouse Technology Services is partnering with our financial client to fill their Cybersecurity Solutions Architect position! This is a 6+ month contract opportunity. This role is open to local and remote candidates; candidates who can be on-site 3 days/week in Buffalo, NY or Wilmington, DE are preferred. This role will be a W2 employee of Lighthouse Technology Services.
What You'll Be Doing:
- Lead a security practice focused on specialized assessment of security controls for systems and applications.
- Leverage a risk-based approach to ensure appropriate security principles and controls are applied during the system development life cycle to meet stakeholder objectives and protect customer and corporate assets in line with enterprise risk appetite.
- Maintain comprehensive understanding of enterprise architecture to identify security gaps, develop controls and design solutions meeting business objectives while complying with security standards.
- Recommend appropriate security controls to protect confidentiality, integrity and availability of customer and corporate data in line with the enterprise risk appetite based on Bank policy and standards.
- Document and verify recommended security controls are aligned with Bank policies and standards as well as industry best practices, ensure proper documentation of exceptions to standards and/or recommend mitigating controls.
- Work with business teams and Cybersecurity leadership to identify and recommend exceptions to standards for projects.
- Prepare required systems and applications security documentation, ensuring alignment with applicable laws, regulations, Bank policies and standards, as well as industry best practices.
- Present technical information to technical and non-technical audiences to ensure business understanding of security controls and recommendations.
- Communicate required systems and applications security controls to owners or technical leads, ensuring alignment with applicable laws, regulations, Bank policies and standards, as well as industry best practices.
- Engage with Technology teams to identify security risks of proposed projects and recommend system and application modifications.
- Remain current with industry trends and security threats to advise management on how to mitigate and contain risks to the business.
- Understand and adhere to the Company's risk and regulatory standards, policies and controls in accordance with the Company's Risk Appetite. Identify risk-related issues needing escalation to management.
What You'll Need to Have:
- Minimum of 2 years higher education and 5 years relevant work experience, or in lieu of a degree, a combined minimum of 7 years higher education and/or work experience, including a minimum of 5 years relevant work experience.
- Demonstrated knowledge of cybersecurity principles and industry best practices, relevant to confidentiality, integrity and availability.
- Knowledge of information technology security principles and implementation methods (e.g., firewalls, demilitarized zones, encryption).
- Knowledge of security controls and their application.
- Experience managing projects and assisting less experienced team members as needed.
- Knowledge of organizational security policies, standards and procedures.
- Knowledge of security technologies and architecture, including encryption, cloud network security design, role-based access control, perimeter security and application security.
- Experience developing and recommending solutions to problems for which information is incomplete or without precedent.
- CISSP (Certified Information Systems Security Professional) or CRISC (Certified Risk and Information Systems Control) certification or Cybersecurity domain-related industry-recognized certification.
- GIAC Security Essentials (GSEC), Certified Ethical Hacker (CEH), Security + certification or related certification.
- Understanding of DevSecOps, SDLC, Risk Assessment or Threat Modeling
- Knowledge of Risk Management framework requirements.
- Knowledge of organizations risk tolerance and/or risk management approach.
- Working knowledge of project management methodology.
- Basic knowledge of security technologies and architecture, including at least two of the following: encryption, cloud network security design, Role Based Access Control, perimeter security and application security.
- Knowledge of system security review process.
Pay Range: $68-$83/hr +
Questions about any of our jobs? Email us at [email protected]
View all of our open jobs here: jobs.lhtservices.com