Information Security Architect - Remote
EVOTEK, Inc.
Denver, colorado
Job Details
Full-time
Full Job Description
EVOTEK is North America's premier enabler of secure digital business focused on innovation. With an integrated set of technical domains, including data center, network, security, cloud, and communications, EVOTEK provides a cohesive approach to digital initiatives while driving business impact. In addition to technical solutions, EVOTEK offers advisory services and strategic sourcing to help bridge the gap between IT and business, reducing functional silos and facilitating alignment. EVOTEK was named Inc. Magazine's "Best Places to Work" in 2018, 2020, and 2022. In addition, for seven consecutive years, EVOTEK was listed in The San Diego Business Journal's "Best Places to Work" and recognized in CRN's "Solution Provider 500" list, CRN's "Next-Generation 250" list, CRN's "Triple Crown" and highlighted as CRN's "Top 150 Growth Companies".
The Security Architect will perform design, review, provide implementation and testing oversight, and validation of security systems withing client IT infrastructure. This often includes reviewing current security posture (including security solutions, security measures, policies, and standards), identifying areas of weakness, and responding promptly to potential security concerns and breaches of client environments.
Additionally, the Security Architect is expected to advise clients on security subjects, providing guidance on a wide range of security concepts, best practices, and can serve in a security leadership role approving or denying changes to client environments as engagements require.
This individual is expected to stay abreast of current and emerging security concepts, attacks, vulnerabilities, and best-practices.
Additional Responsibilities include:
- Responsible for sharing concerns and guidance with clients and internal team members on these subjects in a timely and effective manner.
- Reviewing and/or designing secure architectural designs for client organizations based on client requirements, security architectural best practices, and operational needs. This work may be performed across on-prem, cloud or hybrid cloud environments in existence or planned.
- Security architects provide the following services for our clients:
- Provide security architecture advisory and guidance.
- Assess project requirements related to security requirements standards and provide architectural recommendations.
- Identify architectural security risks associated with proposed changes/solutions and compensating/mitigating controls where necessary.
- Identify gaps in existing security related capabilities to meet client requirements.
- Assess and/or create low level and high-level architecture designs.
- Assess and/or create reference and solution architectures.
- Facilitate and advise on the collection of business requirements pertaining to security.
- Contribute to strategic planning/road mapping initiatives related to security architecture.
- Review of the current environment, specifically reviewing administrative, technical, and physical controls based on the client’s industry and risk tolerances.
- Work closely with client teams on the selection of security tools and solutions, as well as architecting the implementation of said tools.
- Conduct assessments on tools and environments based on industry best practices and standards.
Requirements
- 10+ years’ experience in Technology and Cybersecurity.
- 5+ years’ experience in security architecture.
- Deep experience in either infrastructure related security or application security as a primary focus.
- Familiarity with security in non-primary area (infrastructure security or application security).
- Experience with one or more security best practice frameworks and controls (e.g., NIST CSF, CIS Controls, HITRUST CSF, etc.).
- Experience with architectural methodologies and frameworks (e.g., SABSA, TOGAF, Zachman) is a plus.
- Ability to operate within a Waterfall, Agile or hybrid solutions delivery/project management model.
- Familiarity with current and evolving security related compliance requirements (e.g., GDPR, CCPA, HIPAA, PCI, etc.).
- Knowledge of DevOps / DevSecOps concepts and frameworks is a plus.
- The ability to interact with a wide range of people from different backgrounds and experience levels.
- Excellent teaching, problem-solving, communication, and interpersonal skills.
- Excellent documentation skills. Including, but not limited to: Architectural High-Level and Low-Level diagrams [HLDs and LLDs], Network diagrams, Data-flow diagrams, Requirement’s artifacts (e.g., non-functional, and technical requirements) and Security Policy and Standards documentation.
Benefits
- Salary commensurate with years’ of experience, technical expertise and geographic location.
- Salary range: $150,000 to $180,000.
- Performance bonuses.
- Benefits package that includes 100% paid medical, dental and vision for the employee.
- 401(k) with employer match.
- Strong company culture.
- Flexible PTO policy.
- Flexible working arrangements.
- Annual company overnight retreat (employee + significant other).
Equal Opportunity Employer
EVOTEK believes that everyone has the ability to make an impact, and we are proud to be an equal opportunity employer committed to providing employment opportunity regardless of sex, race, creed, color, gender, religion, marital status, domestic partner status, age, national origin or ancestry, physical or mental disability, medical condition, sexual orientation, pregnancy, military or veteran status, citizenship status, and genetic information.