Information Security Architect II or Senior
Black Hills Energy
- Rapid City, SD
- $88,700-133,150 per year
- Permanent
- Full-time
- Level II: $92,500 - $152,450 / Grade 17
- Senior: $100,650 - $166,050 / Grade 18
- Design and document security solutions in compliance with the existing enterprise-wide information security strategy and policies. Including LAN, WAN, VPNs, firewalls, routers, and other related security solutions and functionality.
- Review existing architecture, identify design gaps, and recommend security enhancements.
- Serve as information security subject matter expert, trusted advisor; provide advisory and consulting services as needed to various department and project teams.
- Meet with project teams, architects, and other subject matter experts to develop system designs and project plans that include the appropriate security controls to meet security standards and regulations.
- Proactively review and analyze new or proposed business applications to evaluate appropriate security capabilities, assessing their risk and their value in support of corporate goals and security strategy.
- Understand current as well as emerging security threats and design security architecture to mitigate threats where possible.
- Conduct security reviews of vendor proposals, conduct process analysis, review information security architectures, and recommend modifications to the information security operation to evaluate risk, reduce costs, or improve service.
- Stay abreast of new security technologies and integrate into security architecture design when appropriate.
- Maintain an awareness of existing and proposed security standard setting groups as well as State and Federal legislation and regulations pertaining to information security.
- Other duties as assigned.
- Minimum of three (3) years of Information Security experience in a role as a security analyst, security engineer or security architect is required.
- Minimum of bachelor's degree in information technology, Computer Science, Information Assurance, or related technical field is required.
- Required: Current management or technical level Information Security certification (CISSP, CISM, CRISK, GIAC) etc.
- Minimum of five (5) years of Information Security experience in a role as a security analyst, security engineer or security architect is required.
- Minimum of bachelor's degree in information technology, Computer Science, Information Assurance, or related technical field is required.
- Required: Current management or technical level Information Security certification (CISSP, CISM, CRISK, GIAC) etc.
- Strong understanding of network architecture, firewalls, Intrusion Detection Systems, web filtering, audit and log management, physical security control systems, real-time systems, and common operating systems.
- Understanding of emerging technologies in IT such as a Cloud Platform, Internet of Things and Mobile BYOD as well as the associated security risks.
- Working knowledge of common information technology management and security frameworks, such as ISO/IEC 27001, OWASP, ITIL, COBIT, CIS Top 20 and NIST
- Operating knowledge cyber security theory and practice as promoted by numerous security standards and certification entities desired.
- Understanding of advanced technical security topics such as Security Essentials; Ethical hacking; Auditing and monitoring networks, systems, and users; forensics and malware analysis; security incident response.
- Knowledge of physical and/or cyber security architecture.
- Experience with various Information Security technologies, including firewalls, IDS/IPS products, vulnerability assessment and management products, Windows operating systems, UNIX/Linux operating systems, networks (routing, switching, design, etc.), scripting/programming (shell, Perl, C, etc.)
- Excellent organizational skills with attention to details, accuracy and timeliness.
- Excellent communication skills Work effectively with security integrators, vendors, software manufacturers and application users to program, maintain and improve support for all security systems.
- Handle confidential and proprietary information with discretion.
- Ability to lead and mentor coworkers in security and job-related functions.
- Able to work independently, handle multiple projects simultaneously, assist with coordinating a variety of work functions and the ability to adapt to critical timelines.
- Ability to troubleshoot system and maintenance problems.