Principal Security Architect

  • Location: Plano, 75024
  • Salary: $130000 - $140000 / year
  • Job Type: Permanent

Posted 10 months ago

This North American industry leader has an immediate full-time opportunity in Plano, TX for a Principal Security Architect. This position requires working onsite 3 days per week. The Principal Security Architect supports the CISO in implementing policies and technologies that secure enterprise information and the access points by which enterprise information is obtained. The incumbent will work as a leader with Security, Risk, and Compliance to ensure we have proper planning, implementation, and testing processes to meet security requirements. The individual will work with Information Security staff, helping educate them on applying best practices and procedures. In addition, the Principal Security Architect will work with internal and external development teams, project management leadership, and the spend management organization to ensure that:

  • Security best practices are followed to maintain the company’s stated security posture throughout all development lifecycle phases.

  • Security is adequately implemented and socialized among the internal and external development and Product Assurance teams.

  • Company assets are protected in a cost-efficient manner.

  • Risks are identified and assessed, and potential mitigations are documented for review by the Information Security Steering Committee.

RESPONSIBILITIES:

  • Perform risk assessments to identify, analyze, and quantify risks and vulnerabilities in code, systems, products, and business processes as needed. Provide strategies for establishing and sustaining the security requirements of an information asset and identify protection goals and objectives consistent with the company’s strategy and business objectives. These assessments can take multiple formats, including audits, vulnerability tests, self-assessments, industry comparisons, code reviews, etc.

  • Assist in the development and implementation of security procedures and measures to ensure that information security is tightly integrated into each phase of the relevant development and acquisition lifecycles and follows appropriate security policies

  • In coordination with various departments, define, design, and implement security goals and requirements for all development, pre-production, and SaaS/IaaS/PaaS systems, projects, and processes, including but not limited to: authentication, authorization, access control enforcement, transaction privacy, non-repudiation, intrusion detection, and containment, audit-proof of wholeness, secure state restoration, and protected communication by utilizing appropriate technologies such as firewalls, VPN, logs, intrusion detection, password policy enforcement, physical access controls, software controls, etc. and assure that the requirements of the services are continuously met during pre-production.

  • Assist in the sourcing, creation, and provision of training and advisory programs for all relevant personnel to ensure that all members of various project, development, and systems implementation/maintenance teams have the necessary knowledge to develop and maintain secure products

  • Coordinate the security hand-off of all projects and releases as they are moved into production

  • Perform security testing and test case development to ensure security requirements are met before work is released to production.

  • Produce security and risk reports as needed. Ensure that security issues and risks identified are correctly documented, communicated, escalated, and resolved.

  • Maintain relationships with vendors, consultants, and appropriate agencies to ensure optimum service levels and that the new systems and code fully comply with statutory and regulatory requirements.

  • Other tasks as required by management or business needs

REQUIREMENTS:

  • Bachelor’s degree in a related field is required.

  • 6+ years of information security experience.

  • Strong Cloud Security experience (AWS strongly preferred)

  • Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Systems Security Manager (CISSM), or similar certification preferred.

  • Demonstrated experience evaluating and providing recommendations to address deficiencies within Network Security, Network Hardware Configuration, Network Protocols, Networking Standards, and Information Security Policies

  • Knowledge of software vulnerabilities (OWASP Top Ten, CWE/SANS Top 25, etc.) and means of defeating/preventing them

  • Solid understanding of information technology and information security practices and controls, including but not limited to encryption, network security, data protection, authentication, authorization, logical and physical segmentation, and incident logging.

  • Experience with information and personal privacy issues, copyright and software piracy law, and IT audit and control issues

  • Experience and familiarity with control and security frameworks such as COSO, COBiT, and ISO 27002

  • Knowledge of a variety of regulations including, but not limited to, the Sarbanes-Oxley Act of 2002, PCI-DSS 3.0, the Gramm-Leach-Bliley Act, HIPAA, and US state privacy laws

  • Must be articulate and persuasive, with the ability to communicate security-related concepts, both in writing and orally, to a broad range of technical and non-technical staff

Candidates will be responsible for following the client's COVID-19 protocols. Please refer to your MATRIX representative for specifics.

About Us

At MATRIX, we expertly match talented professionals with job opportunities to elevate careers. Since 1983, we have placed thousands of professionals at innovative clients across every industry ranging from small startups to Fortune 50 companies. It’s why we’re a top 15 U.S. IT staffing firm and why our consultants rate us well above the industry average. People come to us for a job, and stay with us because of our top-notch consultant care.

For hourly W2 contract roles, MATRIX offers a highly competitive benefit package including Medical, Dental, Vision, Life, Disability, HSA, and 401(k) with pre and post-tax options. Please see https://www.matrixres.com/consultants-overview/benefits-and-payroll for more information. For direct hire placement with our clients, benefits will be offered in accordance with that particular client’s offerings. This may include PTO, Medical, Dental, Vision, 401K and other pre and post-tax options.

Motion Recruitment Partners is an Equal Opportunity Employer, including Veterans/Disability/Women. All applicants must be currently authorized to work on a full-time basis in the country for which they are applying, and no sponsorship is currently available. Accommodation will be provided in all parts of the hiring process as required under Motion Recruitment Employment Accommodation policy. Applicants need to make their needs known in advance.