Job Title: Information Security Architect Location: tlanta, GA Onsite Duration: Contract Job Description: Role Description: Perform Threat Analysis & Create/Update the Threat Modelling?
The Information Security Architect performs threat analyses for complex technical designs and reports the results using standard templates.?
The Information Security Architect creates the initial Threat Modelling (with new applications/systems) or updates an existing Threat Modelling (with upgraded applications/systems).
? The Information Security Architect tracks critical and high findings and updates the respective changes in the Threat Modelling.
Derive Security Requirements
? Given application or system descriptions, the Information Security Architect derives security requirements that will match the respective level of abstraction.
Review Design and Report Issues
? The Information Security Architect reviews the design documents with respect to o Fulfillment of security requirements o (Common) design error so Already known design shortcomings (are they fixed or not)
? The Information Security Architect submits a written report that lists all shortcomings and suggestions on how to fix them.
Review Implementation and Report Issues
? The Information Security Architect reviews the implementation with respect to
? Fulfillment of security/design requirements? (Common) implementation errors,
? Already known implementation shortcomings (e.g., from Code scan or Pen Testing, are they fixed or not?)
? The Information Security Architect submits a written report that lists all shortcomings and suggestions on how to fix them.
Review Project Security Planning and Report Issue
? The Information Security Architect reviews various project management documents with respect to
o plausibility of effort estimates for planned security tasks,
o plausibility of cost estimates for planned security tasks,
o overall plausibility of the timeline for security tasks,
o the overall progress of security, o completeness of planned security tasks o security budget planning,
o ordering status of mandatory security services,
o mandatory security-related tasks?
The Information Security Architect submits a written report that lists.
o all shortcomings, together with suggestions on how to fix them,
o all possible risks to achieving project goals that relate to information security.
Cyber Security Incident Management? Responsible for end-to-end cyber security incident management process. The Information Security Architect will answer explicit questions on various security-related subjects, e.g. on
o Information Classification,
o Security aspects of project management,
o Technical information security, etc.
o Cryptography,o Cloud Security,
o TPRM ? Third-Party Risk Management
o Vulnerability Review and Assessment,
o Dev Sec-ops
o Security Tools
o Audit Support (External and Internal)
Technical Security Tasks? Given the necessary input, the Information Security Architect will perform complex tasks with a specific, well-described result. Competencies: Cyber Security - Information Security Experience (Years): 10 & Above Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.