Senior Information Security Architect

First American - Santa Ana, CA3.8

Full-timeEstimated: $110,000 - $150,000 a year
Skills
Join our team! First American’s Database Solutions division is the leading national provider of property information to the title and settlement service industries. We deliver the real estate, homeownership and mortgage data, property reports and document images that help bring clarity and insight to business decisions. We are the premier innovator and leading provider of Data, Technology, Solutions, Services and Automation to the Title and Settlement services industries and we are looking to expand our employee base with candidates who will help shape the future of its data and information strategy with professionalism, confidence, and teamwork. Within the Database Solutions family are subdivisions consisting of DataTrace and DataTree. As a global leader in providing title insurance, settlement services and risk solutions for real estate transactions, First American (NYSE: FAF) is an ideal place to build your career. We have been entrusted with helping our customers achieve and protect their dream of homeownership since 1889. We believe that our people are the key to the company’s continued success, and we invest in diverse talents and backgrounds and empower our teams to achieve more than they could anywhere else. First American has created an award-winning culture and has been named to the Fortune 100 Best Companies to Work For® list for the fourth consecutive year and to more than 50 regional Best Places to Work lists. For more information, please visit www.datatracetitle.com/home and www.datatree.com

Job Summary
We are seeking a Senior Information Security Architect to join our Database Solutions team in Santa Ana, CA! As a Senior Information Security Architect, you will be responsible for protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.

Essential Functions

Top level technical expert in all areas of Information Security.
Champions change, drives and sets technical direction affecting multiple groups/business units.
Provides leadership by instructing, mentoring and training team members within and outside the work group.
Interacts with and influences senior management on technical matters requiring coordination between organizations.
Provides technical consulting on complex projects.
Devises or modifies procedures to solve complex problems considering computer equipment capacity and limitations, operating time, and form of desired results.
Further develops and documents the security architecture vision and strategy to support key business processes and requirements. Defines the optimal enterprise security architecture in terms of processes, standards and technologies.
Defines, documents and promotes the enterprise security target architectures and strategic direction; demonstrates and understanding of business drivers and expert knowledge in the broad spectrum of related technologies. Researches, identifies and documents best practice methods and emerging technologies, evaluating applicability and feasibility to the organization.
Coordinates and partners with IT and business leaders to ensure strategic IT security alignment to business requirements; champions the computer security program to all levels of the organizational.
Oversees the evaluation and selection of hardware and software security products and design of standard configurations. Assists in budgeting for security analysis and security-related implementation tasks.
Provides consultative leadership and implementation guidance on system projects focusing on planning, development, implementation and operationalization of strategic security technology directives.
Provides leadership in the adoption of and migration to an ISO27002- based security architectures and standards.
Recommends installation, modification or replacement of any system component, hardware or software, and any configuration change that improves the confidentiality, integrity, and availability of systems.
Establishes and documents guidelines and processes to assist in certification and accreditation activities, including Security Test and Evaluation (ST&E), Risk Assessments, and Independent Validation & Verification (IV&V).
Establishes, documents and monitors processes to support least privilege principle for critical and sensitive systems that impact the operation business of the Authority.
Maintains ongoing awareness of potential threats to the security and/or integrity of the business unit’s systems and data; to include computer viruses, patterns and methods of unauthorized intrusion, etc.
Conducts security briefings and other types of security training to foster an awareness of the security program throughout the Business Unit.
Knowledge and Skills/Technology Used

Mastery of the information security principles, concepts, methods, and best practices; expert knowledge in computer security exploitation and compromised.
Extensive knowledge of program design and system software routines, e.g. those providing an audit trail of activities against sensitive data files.
Extensive knowledge of the administration and management of multi-dimensional operating systems, databases, and applications.
Thorough understanding of standard network model and risks present at each layer, cryptography and the functions of key management, SSL, and TLS.
Thorough understanding of multi-tier application security, system authentication technologies and concepts of Identity Management and associated technologies.
Practical experience in performing risk assessments leading to formulating and mapping information security policy and standards to ensure compliance with regulatory and legislative compliance (PCI, SOX, HIPPA, GLBA)
Consult and provide guidance on complying with appropriate policy/standards/measures.
Has proven leadership skills and is results focused.
Appropriate interpersonal skills to communicate and work effectively at all levels of the organization.
Is process and procedure oriented
Demonstrates ability to organize, plan and carry out assignments with minimal supervision.
Requires experience in engagement management and reporting including project planning, budgeting and tracking engagement progress and success.
Demonstrate success in project management and implementation of security systems and strategies.
Demonstrated success in establishing and managing relationships within IT security functions.
A solid knowledge of Information Security practices, IP network, desktop and data security management.
Strong understanding of Active Directory, Host and network intrusion prevention technologies.
Strong understanding of application development security.
CISSP Security preferred.
Familiarity with privacy and security regulatory standards and requirements.
Typical Education

Mastery of the information security principles, concepts, methods, and best practices; expert knowledge in computer security exploitation and compromised.
Typical Range of Experience

Must have minimum 7 years information security experience.
License or Certification

CISSP (Certified Information Systems Security Certified Professional), SSCP (Systems Security Certified Practitioner), CISA (Certified Information Systems Auditor), CISM (Certified Information Security Management), CCNA, CCNP, MSCE
First American invests in its employees' development and well-being, empowers them to provide superior customer service and encourages them to serve the communities where they live and work. First American is committed to diversity and inclusion. We are an equal opportunity employer. For more information about our Company and our dedication to putting People First, check out firstam.com/careers.