Systems Security Architect
The Information Security Architect focuses on securing information and assets by determining system security requirements; planning, implementing, testing and improving; preparing information security standards and procedures; performing pattern and trends analysis; developing action plans to address vulnerabilities; mentoring team members. The Information Security Architect will evaluate the overall architecture of a process, product or service and will provide direction on what action needs to be taken to protect the confidentiality, integrity and availability of a system, asset or resource both on premises and in the cloud. This role involves a high level of collaboration with other architects within IT and extensive involvement with our infrastructure and business groups.
- Provides security guidance and direction for all enterprise locations globally.
- Monitor and advise on information security issues related to the systems and workflow at Asurion to ensure the internal security controls for the company are appropriate and operating as intended.
- Determines system related security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.
- Plans security systems by evaluating infrastructure and security technologies
- Implements security systems by specifying technical methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing documentation.
- Assists with response to information security incidents where security architecture expertise is required.
- Develop and publish Information Security standards and procedures.
- Performs periodic firewall rule set reviews for rule effectiveness.
- Can assess and implement security functions in cloud environments.
- Assists with administering internal certificate management system.
- Verifies security systems by developing and implementing test scripts.
- Assists with managing remediation plans for any security gaps reported in audits or recommended process improvements.
- Collaborate with IT management, the legal department, fraud department, human resources and law enforcement agencies to resolve security vulnerabilities or support investigations.
- Prepares system security reports by collecting, analyzing, and summarizing data and trends.
- Influences strategic and tactical security decisions with our Engineering, Architecture and Operations groups.
- Orchestrates security efforts between operations and application support groups while working with both full time and contractor/consultant resources.
- Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
- Perform other related duties as assigned.
- BA or BS in Computer Science, Management Information Systems, or related field desirable, practical experience plus education and certifications may be considered
- Seven years of progressive experience in information security to include securing environments in Amazon Web Services.
- Experience should include security standard and procedures development, security education, security system design review, vulnerability assessments, cloud security architecture, risk analysis, management of gap remediation and compliance testing.
- CISSP, CCSP, CCSK, GSEC, GIAC, CCNA, CEH, or other security certifications desired.
- Knowledge of information security standards (e.g., ISO 27001, 27002, etc.), rules and regulations in addition to best practices.
- Knowledge of network security, cloud security practices, certificate management, public key infrastructure management and cryptography.
- Strong analytical and problem solving skills are necessary.
- Excellent communication (oral, written, presentation), interpersonal and consultative skills are required.
- This position may require some weekend and evening assignments as well as availability during off-hours for participation in scheduled and unscheduled activities.
Meet Some of Asurion's Employees
Senior Manager, Software Engineering
Bryant manages the Software Development Group at Asurion that focuses on back-office technology. By doing so, he helps deliver new products and business capabilities.
Back to top