Principal Security Architect

  • Location: Plano, 75024
  • Salary: $130000 - $140000 / year
  • Job Type: Permanent

Posted 2 months ago

This North American industry leader has an immediate full-time opportunity in Plano, TX for a Principal Security Architect.  This position requires working onsite 3 days per week.  The Principal Security Architect supports the CISO in implementing policies and technologies that secure enterprise information and the access points by which enterprise information is obtained. The incumbent will work as a leader with Security, Risk, and Compliance to ensure we have proper planning, implementation, and testing processes to meet security requirements. The individual will work with Information Security staff, helping educate them on applying best practices and procedures. In addition, the Principal Security Architect will work with internal and external development teams, project management leadership, and the spend management organization to ensure that:

  • Security best practices are followed to maintain the company’s stated security posture throughout all development lifecycle phases.

  • Security is adequately implemented and socialized among the internal and external development and Product Assurance teams.

  • Company assets are protected in a cost-efficient manner.

  • Risks are identified, assessed, and potential mitigations are documented for review by the Information Security Steering Committee.

RESPONSIBILITIES:

  • Perform risk assessments to identify, analyze, and quantify risks and vulnerabilities in code, systems, products, and business processes as needed. Provide strategies for establishing and sustaining the security requirements of an information asset and identify protection goals and objectives consistent with the company’s strategy and business objectives. These assessments can take multiple formats, including audits, vulnerability tests, self-assessments, industry comparisons, code reviews, etc.

  • Assist in the development and implementation of security procedures and measures to ensure that information security is tightly integrated into each phase of the relevant development and acquisition lifecycles and follows appropriate security policies

  • In coordination with various departments, define, design, and implement security goals and requirements for all development, pre-production, and SaaS/IaaS/PaaS systems, projects, and processes, including but not limited to: authentication, authorization, access control enforcement, transaction privacy, non-repudiation, intrusion detection, and containment, audit-proof of wholeness, secure state restoration, and protected communication by utilizing appropriate technologies such as firewalls, VPN, logs, intrusion detection, password policy enforcement, physical access controls, software controls, etc. and assure that the requirements of the services are continuously met during pre-production.

  • Assist in the sourcing, creation, and provision of training and advisory programs for all relevant personnel to ensure that all members of various project, development, and systems implementation/maintenance teams have the necessary knowledge to develop and maintain secure products

  • Coordinate the security hand-off of all projects and releases as they are moved into production

  • Perform security testing and test case development to ensure security requirements are met before work is released to production.

  • Produce security and risk reports as needed. Ensure that security issues and risks identified are correctly documented, communicated, escalated, and resolved.

  • Maintain relationships with vendors, consultants, and appropriate agencies to ensure optimum service levels and that the new systems and code fully comply with statutory and regulatory requirements.

  • Other tasks as required by management or business needs

REQUIREMENTS:

  • Bachelor’s degree in a related field is required.

  • 6+ years of information security experience.

  • Strong Cloud Security experience (AWS strongly preferred)

  • Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Systems Security Manager (CISSM), or similar certification preferred.

  • Demonstrated experience evaluating and providing recommendations to address deficiencies within Network Security, Network Hardware Configuration, Network Protocols, Networking Standards, and Information Security Policies

  • Knowledge of software vulnerabilities (OWASP Top Ten, CWE/SANS Top 25, etc.) and means of defeating/preventing them

  • Solid understanding of information technology and information security practices and controls, including but not limited to encryption, network security, data protection, authentication, authorization, logical and physical segmentation, and incident logging.

  • Experience with information and personal privacy issues, copyright and software piracy law, and IT audit and control issues

  • Experience and familiarity with control and security frameworks such as COSO, COBiT, and ISO 27002

  • Knowledge of a variety of regulations including, but not limited to, the Sarbanes-Oxley Act of 2002, PCI-DSS 3.0, the Gramm-Leach-Bliley Act, HIPAA, and US state privacy laws

  • Must be articulate and persuasive with the ability to communicate security-related concepts to a broad range of technical and non-technical staff; both written and oral

Candidates will be responsible for following the client's COVID-19 protocols. Please refer to your MATRIX representative for specifics.

About Us

At MATRIX, we expertly match talented professionals with job opportunities to elevate careers. Since 1983, we have placed thousands of professionals at innovative clients across every industry ranging from small startups to Fortune 50 companies. It’s why we’re consistently in the top 25 of all U.S. IT staffing firms and why our consultants rate us well above the industry average, earning us ClearlyRated's Best of Staffing awards year after year. People come to us for a job, and stay with us because of our top-notch consultant care.

MATRIX is an Equal Employment Opportunity employer, including disability and veteran, and provides reasonable accommodations for all qualified individuals. Supporting medical or religious documentation will be required where applicable. If you are a qualified individual you may request a reasonable accommodation under the American Disability Act (ADA). If you are a person with a disability needing assistance applying, or at any point in the hiring process, please email us at MATRIX_HR@MatrixRes.com. To ensure a quick response to your request, please use the words “Accommodation request” as the subject line of your email.

For hourly W2 contract roles MATRIX offers a highly competitive benefit package including Medical, Dental, Vision, Life, Disability, HSA, and 401(k) with pre and post-tax options.  Please see MatrixRes.com/Benefits for more information.

For direct hire placement with our clients, benefits would be offered in accordance with that particular client’s offerings. This may include PTO, Medical, Dental, Vision, 401K and other pre and post-tax options.