Revel IT

Compensation

Full Description

• Years of experience: 7-10 • Communication, Cyber Controls expertise, Security Architecture and design • PCI compliance, audit background, IT Engineering OUR GOAL: Treat our consultants and clients the way we would like others to treat us! Interested in joining our team? Check out the opportunity below and apply today! A remote Infosec Architect contractor is needed to work with IT partners to understand current and new solutions, how security controls are embedded, and discuss needed improvements to the IT products. Works with team members on process improvements to ensure consistent delivery of security consulting. Top 3 Must-Haves (Hard and/or Soft Skills): • Communication, Cyber Controls expertise, Security Architecture and design • PCI compliance, audit background, IT Engineering • Years of experience: 7-10 Essential Job Functions • Security Architecture Development and Maintenance • Assists the Sr. and Principal Architects with the creation of security designs and frameworks for technology systems. • Monitors security intelligence sources for emerging industry security technologies, technology issues, regulatory issues and practices. • Provides oversight of new development efforts to ensure adherence to security policies, standards, and reference architectures. • Actively participates in decisioning processes related to adoption of new hardware and software technologies. • Provides advisory services as needed to information security teams. • Utilizes planning and organization tools to develop project/action plans. • Meets deliverable deadlines as directed. • Information Security Strategy • Assists the Principal and Sr. Information Security Architects with the development of the annual Information Security Strategy. This includes strategy development, formalized road map documentation, and continued maintenance. • Cybersecurity Tooling and Processes • Possess intermediate knowledge of company Cyber Security Tools and affiliated operational processes. • Utilizes knowledge when advising to determine residual risk of identified threats or control weaknesses. • Champions the use Cybersecurity Tooling through education and awareness of constituents. • Regulatory Requirements and Control Frameworks • Foundational knowledge of regulatory bodies and corresponding compliance requirements including, but not limited to: PCI-DSS, SOX, GLBA, CCPA, GDPR. • Intermediate knowledge of control frameworks including, but not limited to: FFIEC Examination Handbooks, NIST 800-53, ISO 27001. • Advanced knowledge of Cybersecurity Maturity Frameworks such as NIST-CSF and FFIEC Cyber Assessment Tool. • General Information Technology • Intermediate knowledge of IT tools and practices including, but not limited to: Networking, LDAP Directories, Vulnerability/Patch Management, Change Management, Incident Management, Server and Desktop Management, Mainframe Technologies, Encryption and Key Management, Cloud Architecture and Computing, Software Application General Computing Controls, Business Continuity/Disaster Recovery, Software Development Lifecycle, Access Management, and Cyber Security Tooling. • Human Relations • Ability to diffuse problematic situations and manage through conflict resolution. • Utilizes soft skills such as: Selective Agreement, Reflective Listening, Voice Inflection, and Empathy. Ability to take complex concepts and break down into laymen's terms or analogies that help with other's understanding. • Viewed as an enabling partner that provides options or information when saying no to business or IT requests. • Seen by leadership and peers as creditable, trustworthy and respectful. • Utilizes subject matter expertise to guide and coach less experienced team members. • Reports to: Manager or Director of Information Security Minimum Qualifications: • High School Diploma or equivalent experience in related field. • A minimum of 5-8 years of prior experience in a similar or related role (an equivalent combination of experience and education may be considered). • At least 3+ years exposure with Amazon Web Services (AWS), Microsoft Azure Experience with architecting multi-cloud and/or hybrid-cloud environments. • Must have experience working across multiple large scale cloud providers, including AWS, Azure, etc. • Must be experienced in creating a strategic cyber security technology direction, aligning it with tactical activities, and communicating plans broadly across the organization. • Experience in analyzing cyber security risks and architecting security solutions. • Proven knowledge of cloud services and distributed system architecture. • Create secure patterns to simplify secure application migrations to cloud environments. Preferred Experience: • Bachelor's degree in Engineering, Computer Science, Information Security, or a related field. • Familiarity or working knowledge with any scripting languages like JavaScript, Python, PowerShell, etc. • Prior working experience in SRE, DevSecOps, or DevOps • Knowledge of standard continuous integration and continuous deployment (CI/CD) patterns and security configuration management. • Proven skills in writing and creating standards documentation for architectures, solutions, and tools. • An understanding of how application-layer vulnerabilities affect cloud infrastructure. • Hands-on experience with some of the following technology: Cloud-native security tools (Azure Security Center, AWS Guard Duty) • Industry relevant certifications or training: Security-related certifications such as Certified Information Systems Security Professional (CISSP), AWS Certified Solutions Architect, Azure security certification, or equivalent experience. • Previous experience with Cloud Security Posture Management Tools. • Experience working with VM, containers, and their Orchestration technology (Docker and Kubernetes). Top 3 Nice-To-Haves (Hard and/or Soft Skills) • Degree Requirements (Experience in Lieu of Degree): CISSP, CRISC, AI certifications Reference: 1035904 Don't meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every qualification. At Revel IT, we are dedicated to building a diverse, inclusive, and authentic workplace, so if you're excited about this role, but your experience doesn't align perfectly with every qualification in the description, we encourage you to apply anyway. You might be the right candidate for this or our other open roles! Revel IT is an Equal Opportunity Employer. Revel IT does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit, and business need. #gdr4900