Job Description

Techklix.com

Position Title: Manager Information Security Architect

The Manager, Information Security Architect is responsible for managing the development, implementation and enforcement of the enterprise application security standards and controls across the all application development groups.

Position is also responsible for collaborating with application developers, development managers, application analysts, and business units and service providers towards the implementation of technology controls and processes, risk mitigation techniques, and standardized information security solutions for the Company’s in-house and third-party applications.



Responsibilities to include, but not limited to:

Develops security policies, standards, procedures, and guidelines that will assist the application development teams in integrating security requirements within their applications and databases.

Provides clear and concise recommendations and guidance in written and verbal form to both business and technology personnel.

Develops and enforces security processes and/or methodologies to (1) integrate security requirements within applications and databases; and (2) monitor security settings within applications and databases.

Manages and performs security risk assessments and security exposure analysis of business applications and databases. Identifies, documents, and reports security issues and concerns to management. Follows-up on action items to resolve security exposures.

Acts as an active advisor to business units and application development teams and offers solutions to new risks and threats.

Contributes to the technical understanding and promotion of new and existing information security standards, solutions and tools with respect to applications (web-based, legacy, etc.) and databases.

Provides understanding of application security and software quality assurance and influences application development teams (as well as business units) in integrating security at the design and development phase.

Develops and enforces security requirements as part of the Company’s application and system development lifecycle.

Participates in application analysis and design sessions with the application teams.

Directs and assists the our technology architecture group in establishing a security infrastructure for the business units and their applications/databases.

Qualifications/Skills

Basic Qualifications:

* BA/BS degree in Computer Information Systems, Computer Science or equivalent experience is required

* Master’s degree in Computer Science, or related field a plus

* Training courses, seminars, certifications (application analysis, design, development, and programming and/or security related education experience preferred)

* Industry certifications such as GIAC, CISSP etc. desirable but not necessary

* Certifications in application analysis, design, development, and programming preferred

Desired Experience:

* Must have hands on working knowledge of application analysis, design, development, and programming

* Must be familiar with and able to apply time proven generally accepted security methods, concepts, and techniques

* Ability to articulate security policies, procedures, and guidelines to all levels of management and staff required

* Excellent written and verbal communication skills

* Ability to develop effective recommendations for security information assets required

* Must be able to manage both time and work load without constant supervision

* Must be able to communicate effectively and tactfully with all levels of personnel, both in verbal and written modes

Desired Technical Skills:

* 10 to 12 years in application/system analysis, design, development, and programming required

* Experience in all facets of Software Project Management skills required

* Good understanding of application security and development processes

* Must have working knowledge of Web Services

* Audit background and/or consultant a strong plus

* Must be very familiar with risk analysis and risk management, cryptography, firewalls, IP and Web and application/database security

* Experience in information security or related fields a plus

* Understanding of the security implications of the major regulations such as Sarbanes-Oxley and CA Privacy Law SB 1386 a strong plus

For immediate consideration, contact rpang@techklix.com or use the APPLY NOW button.