isecjobs.com

Enterprise Security Architect

Colorado Springs, CO, United States

Full Time Senior-level / Expert USD 118K - 155K
Ent Credit Union logo

Ent Credit Union

Join Ent Credit Union for robust personal and business banking solutions. Enjoy high-yield savings, flexible loans, and mortgage loans. Your financial growth journey starts here!

View all jobs at Ent Credit Union

Apply now Apply later

Company Description

Ent Credit Union exists to improve the financial quality of life of the people we serve. This mission drives us every day, but we are more than our mission. We're also individuals using our unique abilities to make our organization, and the communities we serve, better than they were yesterday. We're a not-for-profit that puts people above profits and actively invests in our community. Our rapidly growing team is expanding our reach to serve more people throughout Colorado. To spread our mission far and wide, we need people like you. If you're interested in a paycheck with a purpose, apply with us today. Our people make the difference, and we truly believe you are our greatest asset.

Job Description

The Enterprise Security Architect is responsible for designing and implementing comprehensive security frameworks that protect the organization's information assets and ensure compliance with regulatory standards. This role involves assessing current security measures, identifying vulnerabilities, developing security strategy and roadmaps to mitigate risks, as well as developing security standards and best practices in collaboration with engineering teams and information security department for application development, cloud solutions and IT infrastructure. By collaborating with cross-functional teams and stakeholders, the Enterprise Security Architect plays a critical role in fostering a culture of security awareness and resilience within the organization.

Essential Functions

  • Security Strategy and Architecture: Develop Security Vision and Strategy: Design an overarching security architecture that aligns with the organization's business goals, ensuring it is adaptable to both current and emerging threats. Security Policy Assessment and Compliance: Participate in evaluating security policies, procedures, and controls to ensure compliance with industry regulations and organizational requirements. System and Application Security Design: Work with engineering, development, and IT teams to integrate security protocols into system design, application development, and IT infrastructure. Ensure adherence to principles like least privilege, secure coding, and secure system design.
  • Innovation and Emerging Technologies: Evaluate Emerging Technologies: Investigate new technologies, such as AI, ML, and blockchain, for potential applications to enhance security posture and processes. Drive Security Innovation: Encourage innovation within security practices and solutions, staying ahead of potential threats and adopting advanced security tools and technologies.
  • Risk Management and Third-Party Security: Risk Identification and Prioritization: Identify, analyze, and prioritize risks to the organization's IT environment, including data, systems, and networks. Develop Risk Mitigation Strategies: Create both preventive and reactive strategies to manage and mitigate security risks across systems. Third-Party Risk Management: Engage with the third-party risk management team to establish security protocols for data sharing, access control, and secure interactions with external partners.
  • Governance, Policy, and Compliance: Policy and Governance Frameworks: Develop and advise on policies, standards, and guidelines for data protection, compliance, privacy, and security governance. Policy Enforcement: Collaborate on the creation of a governance framework to enforce security policies and ensure adherence across departments. Stakeholder Engagement and Education: Educate and advise cross-functional teams, including IT, HR, legal, and executive leadership, on security practices and the business impact of cybersecurity.
  • Security Monitoring, Threat Intelligence, and Continuous Improvement: Security Monitoring Systems: Design and implement systems to detect, monitor, and respond to potential security threats in real-time, ensuring continuous protection. Threat Intelligence and Awareness: Stay informed about the latest cybersecurity threats, vulnerabilities, and trends, applying this knowledge to update and improve security measures. Continuous Improvement: Regularly assess and improve security protocols, systems, and policies to keep pace with evolving threats. Foster a culture of security awareness and adaptability within the organization.
  • Bank Secrecy Act: Remains cognizant of and adheres to Ent policies and procedures, and regulations pertaining to the Bank Secrecy Act.

Qualifications

Minimum Formal Qualifications for this Position

  • Bachelor's Degree in Information Technology, Computer Science, or related field.
  • 5+ years' working with security architectures, frameworks, and leading large-scale security initiatives
  • 10+ years' experience in Cybersecurity (preferred)
  • 7+ years' Security Engineering, Risk Management, Security Design (preferred)
  • 3+ years' experience in cloud security, security governance, regulatory compliance (preferred)


Each year of relevant work experience may be exchanged for a year in a relevant degree program or vice versa. For example, a requirement of a bachelor's degree in accounting and 2+ years of account experience could be substituted for a high school diploma and 6 years of relevant accounting work experience or a master's degree in accounting and 0 years of work experience.


Technical or Specialized Knowledge/Skills:

  • Understanding of security architecture frameworks (e.g., SABSA, NIST, ISO 27001).
  • In-depth knowledge of security technologies, including firewalls, intrusion detection systems, and encryption methods.
  • Familiarity with cloud security best practices and architectures across various cloud platforms (e.g., AWS, Azure, Google Cloud).
  • Awareness of compliance regulations (e.g., GDPR, HIPAA, PCI-DSS) and risk management principles.
  • Proficient in security assessment tools and methodologies (e.g., vulnerability scanning, penetration testing).
  • Analytical and problem-solving skills for identifying and addressing security vulnerabilities.
  • Knowledge of threat modeling and compliance to align security strategies with business objectives.
  • Communication skills, with the ability to convey technical concepts to non-technical stakeholders.
  • Ability to develop and maintain security documentation, including policies, standards, and incident response plans.
  • Project management skills, including the ability to coordinate security initiatives and meet deadlines.
  • Ability to evaluate and recommend new security technologies and tools that enhance overall security posture.
  • Ability to collaborate effectively with cross-functional teams and build strong relationships with stakeholders.
  • Capacity to mentor and guide junior security team members in security best practices and methodologies.
  • Ability to adapt to evolving threats and a willingness to stay current with industry trends.
  • Ability to think strategically and align security solutions with overall business objectives.
  • Competence in risk assessment and management related to security decisions and implementations.


Certifications Required:

  • Cert Info Sys Sec Pro preferred
  • Cert Info Sec Mgr preferred


Environmental, Physical and Psychological Requirements

  • Standing - Occasionally
  • Walking - Occasionally
  • Sitting - Frequently
  • Lifting - Rarely (40 Lbs)
  • Carrying - Rarely
  • Pushing - Rarely
  • Pulling - Rarely
  • Balancing - Rarely
  • Stooping - Rarely
  • Kneeling - Rarely
  • Crouching - Rarely
  • Crawling - Rarely
  • Reaching - Occasionally
  • Handling - Occasionally
  • Grasping - Occasionally
  • Feeling - Occasionally
  • Talking - Frequently
  • Hearing - Frequently
  • Repetitive Motions - Frequently
  • Eye/Hand/Foot Coordination - Occasionally
  • Noises louder than normal speaking volume - Occasionally
  • Temperature Changes - Rarely
  • Atmospheric Conditions - Rarely

 

Additional Information

The pay range for this position is: $118,414 to $155,413 per Year (I18)

Final compensation for this position will be determined by various factors such as relevant work experience, specific skills and competencies, education, certifications, and internal pay equity.


We anticipate this position to close on 12/30/2024. Please submit your application at your earliest convenience to be considered.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities.

Benefits Summary Sheet

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)
 

Apply now Apply later
Job stats:  0  0  0
Category: Architecture Jobs

Tags: Application security AWS Azure Blockchain C CERT Cloud Compliance Computer Science Encryption Firewalls GCP GDPR Governance HIPAA Incident response Intrusion detection ISO 27001 IT infrastructure Monitoring NIST Nonprofit Pentesting Privacy Risk assessment Risk management Security assessment Security strategy Strategy Threat intelligence Vulnerabilities

Perks/benefits: Equity / stock options

Region: North America
Country: United States

More jobs like this

« Back to job search To the top ↑

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.

Senior Security Analyst jobsInformation System Security Officer jobsSenior Cloud Security Engineer jobsInformation Security Manager jobsSenior Network Security Engineer jobsSenior Cybersecurity Engineer jobsInformation Security Specialist jobsSecurity Consultant jobsSenior Penetration Tester jobsSenior Information Security Analyst jobsSecurity Specialist jobsIT Security Engineer jobsSenior Cyber Security Engineer jobsCyber Security Specialist jobsChief Information Security Officer jobsIT Security Analyst jobsPrincipal Security Engineer jobsCloud Security Architect jobsStaff Security Engineer jobsInformation System Security Officer (ISSO) jobsSystems Engineer jobsCyber Security Architect jobsSenior Product Security Engineer jobsSecurity Operations Analyst jobsSystems Administrator jobs
CI/CD jobsMalware jobsSaaS jobsForensics jobsEncryption jobsEDR jobsSplunk jobsTop Secret jobsIDS jobsSDLC jobsIPS jobsSQL jobsRMF jobsCompTIA jobsBash jobsIntrusion detection jobsDocker jobsThreat detection jobsFinance jobsDoDD 8570 jobsITIL jobsOWASP jobsActive Directory jobsVPN jobsTCP/IP jobs
CRISC jobsGIAC jobsUNIX jobsTerraform jobsSANS jobsHIPAA jobsIT infrastructure jobsBanking jobsClearance Required jobsJavaScript jobsSOX jobsDNS jobsAnsible jobsPolygraph jobsCCSP jobsMITRE ATT&CK jobsOSCP jobsData Analytics jobsSOC 2 jobsJira jobsGCIH jobsCISO jobsSOAR jobsCyber defense jobsOracle jobs