Systems Security Architect

The Information Security Architect focuses on securing information and assets by determining system security requirements; planning, implementing, testing and improving; preparing information security standards and procedures; performing pattern and trends analysis; developing action plans to address vulnerabilities; mentoring team members. The Information Security Architect will evaluate the overall architecture of a process, product or service and will provide direction on what action needs to be taken to protect the confidentiality, integrity and availability of a system, asset or resource both on premises and in the cloud. This role involves a high level of collaboration with other architects within IT and extensive involvement with our infrastructure and business groups.

Responsibilities:

  • Provides security guidance and direction for all enterprise locations globally.
  • Monitor and advise on information security issues related to the systems and workflow at Asurion to ensure the internal security controls for the company are appropriate and operating as intended.
  • Determines system related security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.
  • Plans security systems by evaluating infrastructure and security technologies
  • Implements security systems by specifying technical methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing documentation.
  • Assists with response to information security incidents where security architecture expertise is required.
  • Develop and publish Information Security standards and procedures.
  • Performs periodic firewall rule set reviews for rule effectiveness.
  • Can assess and implement security functions in cloud environments.
  • Assists with administering internal certificate management system.
  • Verifies security systems by developing and implementing test scripts.
  • Assists with managing remediation plans for any security gaps reported in audits or recommended process improvements.
  • Collaborate with IT management, the legal department, fraud department, human resources and law enforcement agencies to resolve security vulnerabilities or support investigations.
  • Prepares system security reports by collecting, analyzing, and summarizing data and trends.
  • Influences strategic and tactical security decisions with our Engineering, Architecture and Operations groups.
  • Orchestrates security efforts between operations and application support groups while working with both full time and contractor/consultant resources.
  • Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
  • Perform other related duties as assigned.

Requirements:

  • BA or BS in Computer Science, Management Information Systems, or related field desirable, practical experience plus education and certifications may be considered
  • Seven years of progressive experience in information security to include securing environments in Amazon Web Services.
  • Experience should include security standard and procedures development, security education, security system design review, vulnerability assessments, cloud security architecture, risk analysis, management of gap remediation and compliance testing.
  • CISSP, CCSP, CCSK, GSEC, GIAC, CCNA, CEH, or other security certifications desired.
  • Knowledge of information security standards (e.g., ISO 27001, 27002, etc.), rules and regulations in addition to best practices.
  • Knowledge of network security, cloud security practices, certificate management, public key infrastructure management and cryptography.
  • Strong analytical and problem solving skills are necessary.
  • Excellent communication (oral, written, presentation), interpersonal and consultative skills are required.
  • This position may require some weekend and evening assignments as well as availability during off-hours for participation in scheduled and unscheduled activities.

Meet Some of Asurion's Employees

Bryant M.

Senior Manager, Software Engineering

Bryant manages the Software Development Group at Asurion that focuses on back-office technology. By doing so, he helps deliver new products and business capabilities.

Christy R.

Senior Manager, Technology Strategy & Business Operations

Christy serves as the internal consultant to the CIO. She handles special projects and strategic deep dives to assess internal operating success and future operational plans.


Back to top