Information Security Architect

Description

The Security Architect guides various information systems initiatives, projects, and systems to provide a secure computing environment.  Provides design recommendations for new information security and information systems deployments and products.
1. Interfaces between security policymakers and Information Technology Services teams.
2. Assists with the design and deployment of business and technology solutions throughout the business.
3. Determines security requirements for the enterprise (including new and existing deployments).
4. Creates and maintains security policy as required.
5. Performs risk assessments of new hardware and software deployments.
6. Evaluates changes to major infrastructure, identifies issues and provides remediation plans as required. 
7. Works with outside vendors to evaluate and recommended technologies.
8. Develops and maintains security processes.
9. Evaluates security posture of projects throughout the enterprise from conception to deployment.
10. Assists in conducting information security assessments and risk analysis of computing environment and in managing remediation efforts with Information Technology organization when vulnerabilities are identified.
11. Performs and maintains compliance efforts with various laws and industry regulations including Payment Card Industry Data Security Standards (PCI-DSS), Sarbanes-Oxley (SOX) and HIPAA and Big Lots Information Security Policies.
12. Reviews application design and develops and recommends remediation plans as required.
LI-RG1


Qualification

1. Bachelor’s Degree in in computer science or related field or equivalent experience required.
2. Minimum of six years of experience in an Information Technology field with at least three years in an information security function required. Experience in a retail company preferred.
3. Experience writing security policies required.
4. System design and architecture experience required.
5. Systems administration and/or network/data communications experience required.
6. Experience conducting security assessments and knowledge of Windows and Linux operating systems required.
7. Experience with software development or background with writing automated scripts preferred.
8. Knowledge of core internet and network protocols preferred (e.g., TCP/IP, DNS, SMTP, HTTP etc.).
9. Demonstrated strong interpersonal skills with the ability to develop alliances with key stakeholders preferred.
10. Ability to work extended hours, drive an automobile and travel as required.
11.MCSA, MCSE, CCNA, Security +, or CISSP certifications preferred.
 
 
We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws.