Security Architecture Lead - Strategy, IAM & Risk

Essential Functions: Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers. Develop security strategy plans and roadmaps based on sound enterprise architecture practices. Develop and maintain security architecture artifacts (models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations. Develop guidance and recommendations for franchisees on PCI standards and compliance. Track developments and changes in the digital business and threat environments to ensure that these are adequately addressed in security strategy plans and architecture artifacts. Participate in application and infrastructure projects to provide security planning advice. Develop, implement and refined security procedures and standards. Conduct security assessments of internal systems, applications and IT infrastructure as part of the overall risk management practice of the organization. Conduct vulnerability assessments and other security reviews of systems, and plan and prioritize remediation. Conduct code reviews of applications to determine security flaws or other issues that would impact the confidentiality, integrity or availability of the system. Direct internal and third-party technicians on information security, applications and infrastructure to produce optimal designs. Produce and maintain technical documentation of systems and architectures. Support vendor selection and analysis by evaluating third party security fit within the domain. Maintain professional and technical knowledge through appropriate training courses, selected reading, conferences and involvement with professional organizations. Requirements: Bachelor’s degree in computer science, cybersecurity or related field Minimum of five years of relevant experience Experience in using security architecture methodologies Experience reviewing application code for security vulnerabilities Direct experience using vulnerability management tools Full-stack knowledge of IT infrastructure Experience designing IAM technologies and services (e.g., Active Directory, LDAP, Azure, IAM) Strong working knowledge of IT service management Working knowledge of: Payment Card Industry's Data Security Standard (PCI-DSS), General Data Protection Regulation (GDPR), Privacy Principles (best practices), International Organization for Standardization (ISO) 27001/2, National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) Strong verbal communication and writing skills Experience leading and mentoring individuals and groups Ability to concentrate on a wide range of loosely defined complex situations, which require application of creativity and originality, with limited guidance and counsel High level of organizational and project management skills to handle multiple concurrent assignments in a timely manner

#J-18808-Ljbffr