Full Job Description
About the Job
GCR is a leading software company serving the public sector. Our products help thousands of people access government services. We help people register their businesses, stay up to date on commercial building codes, file for trademarks and stay informed about elections. We are passionate about making government software more modern and accessible. As we continue to grow at a fast pace, we are looking for people ready to accept a challenge. People who can work on existing products while helping build more robust, sustainable development practices. Our processes and products have not been able to keep up with our growth. We want to expand our diverse team with more creative, adventurous and dedicated people, as we bring our products into the next generation of computing. Be part of a growing team where you can contribute to building products that matter.
Security Architect/Director Job Description:
Technical and Professional Skills:
- Identify business requirements that affect the enterprise security architecture and provide solutions that integrate into the overall architectural vision and strategy.
- Serve as an information security advisor to key technology and business stakeholders, including other domain-level security architects, by establishing trust relationships through active engagement and collaboration.
- Be responsible for the definition and maintenance of security reference architectures that provide roadmaps and design guidance for key security domains.
- Architect and design information security solutions to protect company assets; address regulatory requirements and align to latest security frameworks including cyber security frameworks.
- Create executive security roadmaps for organizations that include specific solutions with support documentation, estimates of cost, and reduction of risks that will be realized.
- Responsible to review current system security measures and recommend and implement enhancements
- Review modern technologies to validate alignment to the organization's security requirements.
- Responsible to plan and implement a security practice for the organization
- Provides general support related to setting and managing technology and security objectives within an established budget.
- Expected to have a thorough understanding of complex IT systems and stay up to date with the latest security standards, systems and authentication protocols, as well as best practice security products
- Provide guidance and expertise in the development and maintenance of security plans, policies, standards, architectural governance, design patterns, and security best practices.
- Responsible for managing all interaction with the security teams including vulnerability assessment, penetration testing and security audits
- Responsible to conduct regular system tests and ensure continuous monitoring of network security
- Responsible to develop project timelines for ongoing system upgrades
- Responsible to ensure all personnel have access to the IT system limited by need and role
- Responsible to establish disaster recovery procedures and conduct breach of security drills
- Responsible to promptly respond to all security incidents and provide thorough post-event analysis
- Strong written and verbal communication skills.
- Passion for learning new things, and subsequently motivating, leading, coaching, and positively influencing the careers of other associates within the Information Security and IT organization.
- Ability to negotiate desirable outcomes, when faced with regulatory, time-bound, technical, political, budgetary or organizational challenges.
- Able to provide creative and critical thinking skills to obscure problems; consolidating proposals to senior leadership with both clarity and precision.
- Capability to develop and deliver effective presentations designed to inform, instruct, or persuade large or focused groups of individuals.
- Ability to interact with a broad cross-section of personnel to explain and enforce security measures.
- Ability to work on cross-functional teams, and within all levels of the organization: Executives to developers.
- Familiarity with Architectural modeling languages such as ArchiMate , UML, BPMN, BPEL, etc.
- Familiarity with formal architecture frameworks, such as Zachman, TOGAF, FEAF, DODAF, SABSA, etc.
- BS degree in Computer Science, similar technical field of study or equivalent practical experience.
- Extensive experience in information security and/or IT risk management with a focus on security, performance and reliability
- Solid understanding of security protocols, cryptography, authentication, authorization and security
- Solid understanding and use of Vulnerability Assessment and Penetration Testing tools
- Good working knowledge of current IT risks and experience implementing security solutions
- Solid understanding of cloud hosing security standards and complacencies
- Solid understanding of FISMA compliancy and experience in working with FedRAMP certified cloud hosting solutions comply with NIST methodologies
- Experience implementing multi-factor authentication, single sign-on, identity management or related technologies
- Industry recognized certifications highly desired: e.g. CISSP, CCSP, CISA, CISM, The Open Group Architecture Certifications, SABSA SCF/SCP/SCM, or other industry relevant certifications.
GCR Inc. offers our employees a competitive compensation package. Among the benefits are paid time off, paid holidays, company matching 401(k), health and dental plans, company paid short term disability and life insurance.
GCR Inc.'s corporate headquarters are in New Orleans, Louisiana with additional offices in Covington, LA., Baton Rouge, LA, Windsor, CT and Indianapolis, IN.
GCR Inc. provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, GCR Inc. complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
GCR Inc. expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of GCR Inc.'s employees to perform their job duties may result in discipline up to and including discharge.