Information Security Architect

Blue Cross Blue Shield of North Carolina - Durham, NC


Information Security Architect - 6 to 9 month Engagement

Job Profile Summary

The Information Security Architect is primarily responsible for researching, evaluating, recommending, and validating complex and broad-based security systems designs and security controls that deliver on accepted security best practices, regulatory compliance and documented policy. The Information Security Architect partners with all areas of business and information technology to drive security requirements, and deliver on security objectives within product development, business process design, IT and business operations development, software development, and their respective life-cycles. Develop and review architecture artifacts and manage adherence to architecture standards.

Job Description

  • Influence, consult with and build collaborative working relationships with senior business and IT leadership at the VP/Officer and C levels to help meet long term security objectives.
  • Conduct risk assessments, evaluate alternative strategies, develop recommendations and ensure responsive communication with business representatives, security management, and third party vendors.
  • Participate in the design review process and support the overall Security Architecture process.
  • Influence and drive change to security architecture processes, strategies and standards, as needed in areas such as: information security, Data Loss Prevention, Intrusion Prevention, Threat and Vulnerability Management, and Identity and Access Management.
  • Partner with management in defining and setting appropriate, implementable information security policy and ensuring alignment to standard operating procedures, instructions and standards.
  • Develop, maintain and implement security policies, processes, tools and methodologies that support security architecture standards and ensure effective evolution of security architecture within the organization.
  • Research, evaluate, recommend, plan implementation of, and test new or improved information security software or devices.
  • Coordinate analysis of new or enhanced software application or tool implementations for impacts to existing security software and devices.
  • Participate in and/or lead forensic investigations and eDiscovery of suspected information security issues or in compliance reviews as requested by auditors, HR, Ethics, or Legal.
  • Utilize security expertise and knowledge of new and emerging cyber attack threats to make recommendations to management regarding implementation of best practices and/or process improvements to proactively protect the company’s systems and networks.
  • Provide informal work coordination and leadership/coaching to less experienced information security staff.

Hiring Requirements:

  • Bachelor’s degree and 7 years of broad-based information security experience, with expertise in the following areas: security engineering, security operations/administration, incident response, audit, controls and risk management.
  • If no degree, 8 years of experience as stated above.
  • Prior experience with architecture processes, strategies and standards is required.
  • IT consulting and executive advisory experience with demonstrated skills in translating business requirements to technical solutions is necessary.
  • Solid project management experience in a cross-functional environment is required.
  • Exposure to multiple, diverse technical integrations, technologies and processing environments.
  • Experience coordinating vendor solution delivery and partnering effectively with vendors to meet business needs.
  • At least one security industry certification (i.e., CISSP, CISA, CISM, SANS).

Hiring Preferences:

  • Bachelor’s degree in Computer Security, Computer Science or Engineering preferred.
  • Expertise or specialization in another IT related discipline (e.g. Network Engineering, Database Administration, Application Development, Systems Administration, etc.) is strongly preferred.
  • Proven informal leadership, coaching and mentoring skills.
  • Strong work coordination, project management and planning skills.
  • Exceptional consulting skillset with ability to provide appropriate direction to other IT groups and executives on security matters.
  • Demonstrated initiative to learn new technologies.
  • Exceptional analytical and problem-solving skills.
  • Proven ability to present and discuss highly complex technical information to users with varying technical expertise.
  • Must be detail-oriented with a focus on accuracy.
  • Excellent written and verbal communication skills, including excellent presentation skills.
  • Demonstrated ability to develop and maintain collaborative working relationships with varying constituencies and teams.
  • Superior customer focus and the ability to manage customer expectations.
  • Demonstrated commitment to and leadership of continuous process improvement.
  • Proven ability to work effectively in emergencies while handling multiple priorities.

Job Type: Contract

Salary: $60.00 to $80.00 /hour


  • Durham, NC (Required)


  • At least one - CISSP, CISA, CISM, or SANS (Required)

Work authorization:

  • United States (Required)