Lead Security Architect Job Description
Lead security architect
provides repeatable/reusable architectures/solutions to common technology infrastructure/application security requirements for core security areas including but not limiting to: enterprise architecture, network security, application security, cloud security, cryptography, secure software development.
Lead Security Architect Duties & Responsibilities
To write an effective lead security architect job description, begin by listing detailed duties, responsibilities and expectations. We have included lead security architect job description templates that you can modify and use.
Sample responsibilities for this position include:
Play a lead role in technology and security investigatory exercises related to Architecture
Acts as an internal consultant, advocate, and change agent
Represents Information Security at enterprise review meetings (ITAC, NPI Reviews, Production Readiness)
Plays a key role as the information security architect for projects and initiatives
Support the Information Security & Cyber Security Program which includes but is not limited to Cloud Security, Mobile Security, Big Data Security, IAM, Data Protection, Infrastructure and Network Security, Application Security, Cyber Threat Management and Vulnerability and Patch management
Act in an advisory role in application development and acquisition to assess security requirements and controls and to ensure that security controls are
Provide support to Banking Technology LOBs with requirements resulting from the Software Security Assurance Program (SSAP)
Review of vendor products, external (standards bodies, governmental agencies ) technology standards and internal IT risk policies and provide consistent model for development across Banking Technology
Provide expert advice and recommendations for developing CND capabilities the establishment of CSOCs
Serve as trusted advisor to key business and technology partners
Lead Security Architect Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Lead Security Architect
List any licenses or certifications required by the position: CISSP, SANS, CCNA, TCP/IP, PKI, CSSLP, GBE, CEH, CISM, GIAC
Education for Lead Security Architect
Typically a job would require a certain level of education.
Employers hiring for the lead security architect job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Engineering, Technical, Information Technology, Business, Information Security, Education, Information Systems, Computer Engineering, Management
Skills for Lead Security Architect
Desired skills for lead security architect include:
Agile approaches to software development and able to put key Agile principles into practice to deliver solution incrementally
Application security issues and mitigation approaches
Architecture development methodology and frameworks like TOGAF
Common application security controls
Common approaches to overcome their challenges
Common technologies used in web applications
Critical National Infrastructure and associated risks
Data security and understanding of other cyber security domains
Data security best practices: at rest
Databases
Desired experience for lead security architect includes:
Presentation skills to non-technical audiences
8 years or greater in Information Security domain
Gather code for analysis and operate static analysis tools
Participate in threat modeling and security architecture development
Implementation and testing of DOD / DISA security hardening standards
Help set up and configure application instances for security testing, and with light support of third party testers
Lead Security Architect Examples
1
Lead Security Architect Job Description
Job Description Example
Our company is growing rapidly and is hiring for a lead security architect. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for lead security architect
- Partner with Engineering & Product Data Management partners to standardize on endorsed data storage and message distribution technologies and data models
- Own security throughout Product Lifecycle Management, assessing risks, identify how to fully support updated hosted technologies
- Lead SAP/GRC security design, blueprint and implementation for SAP/GRC 10.x suite of applications including Emergency Access Management, Access Risk Analysis, Access Request Management and Business Role Management
- Solid working knowledge in developing ruleset for the organization
- Solid working knowledge of SAP Business Suite on HANA
- Identify security design gaps and offer solutions/resolutions
- Implementing the elements of HR Triggers, Active Directory and SSO
- Serves as SAP/GRC and Security subject matter expert and provide advisory and consulting services as needed
- Apply knowledge of SAP security in the modules of ECC, BI, EWM, CRM, SRM, PLM
- Apply knowledge in SAP Security role analysis, redesign and remediation
Qualifications for lead security architect
- Minimum of ten (10) years' experience as an Information Technology Technical Lead in projects supported by project references
- Minimum of five (5) years' experience designing and implementing high-availability server rooms as supported by project references
- Minimum of three (3) years' experience designing and implementing local area networks demonstrating a strong network bias with general knowledge of the applications
- Minimum of three (3) years' experience as a technical manager responsible for the planning
- Firewalls/IPS
- Experience supporting SOCs in industry or government
2
Lead Security Architect Job Description
Job Description Example
Our company is looking to fill the role of lead security architect. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for lead security architect
- Responsible for coordination and documentation of testing phases
- Create all necessary documentations for SAP/GRC and Security projects
- Working knowledge of IT-related laws and compliance mandates
- Proficient in researching information security solutions and best practices
- Proficient in researching control solutions and best practices
- Working knowledge of project management principles, and ability to coordinate delivery of high quality solutions on time and within budget
- Ability to work closely and efficiently with internal and external auditors and legal department
- Excellent interpersonal skills with the ability to work on cross-functional project teams and foster team commitment to tasks collaborate with the Business
- Partner with the security group to plan and drive the implementation of the technology and its capabilities
- Recommends updates and changes to the Secure Software Development Policy, Design for Security requirements, and related organization-wide product security governance documents
Qualifications for lead security architect
- At least 5 years in working with information security governance, compliance, or auditing
- Master’s degree, or demonstrated experience and delivery, in information security, data management/modelling or computer science
- 7-10+ years of progressive applied technology experience in enterprise architecture functions, ideally focused on information security or data management, modelling & quality
- Demonstrable ability to structure and execute programs with clearly defined long term goals, interim steps, required stakeholders and justifications
- Demonstrated ability to communicate complex transformation plans to varying organizational levels, including C-level staff, and delivery technologists
- Active professional security certifications (e.g., CISSP or other similar industry qualification), open source project, security research (e.g CAPEC, CVE, CEF, etc) or design framework/patterns contribution, or other continuous learning examples in the threat & security spheres
3
Lead Security Architect Job Description
Job Description Example
Our company is growing rapidly and is hiring for a lead security architect. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for lead security architect
- Consultation in product architecture related to security strategies for ensuring a competitive and commercially acceptable level of product cyber security assurance
- Participate in program increment / sprint reviews to keep up to date on products in development and how they may relate to or impact organizational risk and overall security
- Serve intermittently as a member of the Product Security Incident Response Team (PSIRT)
- Attend industry training, conferences and roundtable forums (example OWASP AppSec, RSA, Black Hat) to stay up to date on latest technologies, evolving threats and build relationships in the industry to help the organization become a recognized leader in cyber security knowledge
- Oversees the end-to-end architecture and design of connected network systems while ensuring product cyber-security best practices and requirements are maintained
- Owns and drives the development of cyber security requirements across multiple products and platforms ensuring common designs, functionality, and integration with existing and future systems
- Serve as the lead security architect on high risk products and programs providing overall security architectural leadership while indirectly managing and mentoring security champions
- Represent Global Product Security and the overall product cybersecurity program on technical system architectural boards, committees, and review organizations
- Provides direct support to security-related work packages while in development by the architecture and platform teams
- Application Risk Classification
Qualifications for lead security architect
- Expertise in one solution portfolio area (networking, passenger, self-service)
- Candidate must exhibit innovative & analytical thinking, ability to stay in front of cutting edge technologies in areas such as network and communication interfaces, device and equipment integration to full customer systems, and system development technique and tools
- Prior application security program experience a plus
- Requires strong interpersonal, organizational, written and verbal communication skills, ability to influence and guide senior leaders in the business channels, product management and product engineering when required
- Work with third parties to challenge our secure design principles, for example through independent reviews, penetration testing, vulnerability assessment
- Minimum 2 years of experience specifically in design and architecture of secure systems
4
Lead Security Architect Job Description
Job Description Example
Our company is hiring for a lead security architect. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for lead security architect
- Secure Application Design
- Opensource Governance
- Validate Threat Modeling
- Container Security Management
- OpenSource Management
- You shall lead and mentor the security architects and ensure that the wider design community understand the security principles we adopt and how they are expected to be followed
- You shall be accountable for the development and maintenance of the Security Architecture and supporting risk assessments such that any changes or initiatives can be assessed against the baseline
- To analyse changes in the threats and/or business requirements that may impact the effectiveness of the security controls within the Smart DCC system
- Represents Security Platform in development and implementation of the overall enterprise cloud architecture
- Design and Implement end to end cloud security, from infrastructure to network to application to regulations and beyond
Qualifications for lead security architect
- Responsible for maintaining and supporting IT Security in the areas of audit, IT change management control, management of protected health information, segregation of duties and provisioning & de-provisioning of users
- Work independently to determine appropriate methods and procedures for maturing data security
- Oversee security awareness programs and educational efforts to keep organization abreast of latest in Information and Cyber security
- Experience in enterprise cloud security architecture design and implementation
- Knowledge and experiences with data protection concepts such as encryption, obfuscation, entitlement, access controls, user management, user and application authentication and authorization, security monitoring, and others
- Experience architecting solutions within MS Azure (Preferred) or Amazon Web Services (AWS) cloud
5
Lead Security Architect Job Description
Job Description Example
Our growing company is looking to fill the role of lead security architect. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for lead security architect
- Understand detail-level stakeholder (customer, engineering, ) requirements in order to translate them into technical security specifications
- Perform security architecture duties such as security design review on large, complex solutions (application and infrastructure)
- Lead Security Architect will be tasked to plan, analyze, design, configure, test, implement, maintain and support the Client’s computer and network security infrastructure
- Serves as a Cyber Security advisor to the client
- Communicates and supports key security initiatives within delivery
- Proactively monitors industry threat landscape and advises client entities to adjust security operations and practice
- Prioritize support requests to ensure optimum allocation of resources
- Ensure successful delivery of security assignments
- Serve as the focal point to executives for any escalations relating to Cyber Security
- Architect and design information security solutions to meet business objectives and align to the adopted enterprise security framework to ensure appropriate and effective security controls are built in from the start
Qualifications for lead security architect
- Experience in data security aspects in various settings- , Virtualization and Cloud Security, collaboration tools, identity management
- CISSP-CSSLP Certification preferred
- SANS GWAPT/GWEB certification is a plus
- Experience working with SAP and web applications preferred
- 5 or more years of security design and architecture is preferred
- Demonstrated ability to identify application security requirements and validate implementation of specified requirements into a robust architecture that sufficiently protects valuable digital resources is preferred