Blog

Role: Information Security Architect

Location: Atlanta, GA (Onsite)

Job Description:

1. Perform Threat Analysis & Create/Update the Threat Modelling
2. ? The Information Security Architect performs threat analyses for complex technical designs and reports the results using standard templates.
3. ? The Information Security Architect creates the initial Threat Modelling (with new applications/systems) or updates an existing Threat Modelling (with upgraded applications/systems).
4. ? The Information Security Architect tracks critical and high findings and updates the respective changes in the Threat Modelling.
5. 2. Derive Security Requirements
6. ? Given application or system descriptions, the Information Security Architect derives security requirements that will match the respective level of abstraction.
7. 3. Review Design and Report Issues? The Information Security Architect reviews the design documents with respect to o Fulfillment of security requirements o (Common) design errorso Already known design shortcomings (are they fixed or not)
8. ? The Information Security Architect submits a written report that lists all shortcomings and suggestions on how to fix them.
9. 4. Review Implementation and Report Issues? The Information Security Architect reviews the implementation with respect to
10. ? Fulfillment of security/design requirements
11. ? (Common) implementation errors,? Already known implementation shortcomings (e.g., from Code scan or Pen Testing, are they fixed or not?)
12. ? The Information Security Architect submits a written report that lists all shortcomings and suggestions on how to fix them.
13. 5. Review Project Security Planning and Report Issue? The Information Security Architect reviews various project management documents with respect to o plausibility of effort estimates for planned security tasks,o plausibility of cost estimates for planned security tasks,o overall plausibility of the timeline for security tasks,o the overall progress of security, o completeness of planned security tasks o security budget planning,o ordering status of mandatory security services,o mandatory security-related tasks? The Information Security Architect submits a written report that lists. o all shortcomings, together with suggestions on how to fix them,o all possible risks to achieving project goals that relate to information security.
14. 6. Cyber Security Incident Management? Responsible for end-to-end cyber security incident management process.
15. 7. Various Expert Consulting? The Information Security Architect will answer explicit questions on various security-related subjects, e.g. on o Information Classification, o Security aspects of project management, o Technical information security, etc.o Cryptography,o Cloud Security,o TPRM ? Third-Party Risk Managemento Vulnerability Review and Assessment,o Dev Sec-opso Security Toolso Audit Support (External and Internal)
16. 8. Technical Security Tasks? Given the necessary input, the Information Security Architect will perform complex tasks with a specific, well-described result. T

Regards

Sagar Bhardwaj

Sr. Technical Recruiter

300 Alexander Park |Suite #200|Princeton , NJ 08540

Office: +1 7324521006 Ext238

Email: [email protected]| URL: http://www.diverselynx.com