Information Security Architect
The Security Architect for SAP implementation will design, integrate and implement security architectures for cloud based SAP systems. The architect will identify and prioritize security-related user stories, epics and themes, create secure-by-default designs that balance business benefit and risk, provide security guidance and facilitate delivery of information security services throughout Agile lifecycle. The architect will also perform risk assessments of SAP cloud applications and infrastructure, develop appropriate risk treatment and mitigation options based on industry standard security controls, and effectively articulate findings and recommendations to IT project teams and management. The architect is expected to work in a highly collaborative global environment; demonstrate excellent interpersonal, communication, and organizational skills working with an Agile environment; and adjust to multiple demands, shifting priorities, ambiguity, and rapid change.
The architect shall have significant working security experience and knowledge in the design, implementation and operation of security controls in one of the following areas:
* Cloud Security Technical understanding of virtualization, cloud infrastructure, and public cloud offerings and experience designing security configuration and controls within cloud based solutions
* SAP architecture security not only experience with SAP access control, but also experience with the design of access logging and monitoring, security configuration for various SAP systems, data encryption and sanitization in SAP.
* Infrastructure Security Experience with the integration of common infrastructure security technologies and solutions into business solution architectures including the integration of identity & access management, intrusion detection and prevention, security monitoring, and data encryption solutions.
Although not required, it is preferred that candidates possess additional working security experience and knowledge in one or more of the following areas:
* Agile & DevOps Methodologies Experience as a contributing member of a balanced team within an Agile development or DevOps environment.
* Operational Security Experience with defining operational models and procedures for business solutions including the operation and maintenance of infrastructure and application security controls.
* Information Security Standards Knowledge of common information security standards such as: ISO 27001/27002, NIST CSF, FEDRAMP, CSA and CIS Controls.
Career-Level position within field. Requires experience and proficiency in discipline. Conducts complex work important to the organization. Works with minimal supervision with wide latitude for independent judgment. To qualify, candidates must have:Approximately 10-12 years of experience in information systems architecture methodologies, management, and tracking/analyzing budgetsSound judgment and tactExcellent management, interpersonal, communication, and organizational skillsAbility to work and team effectively with clients and other management personnel
Advanced degree in Computer Science or a related discipline; or equivalent work experience