Overview
On Site
Contract - W2
Skills
Pharmaceutics
Cyber Security
Pivotal
Project Documentation
Security Policy
Research
Encryption
Access Control
Web Applications
OWASP
Web Application Security
Software Architecture
Software Security
Risk Assessment
Software Development
Facilitation
Security QA
Testing
Status Reports
Work In Process
Documentation
Software Development Methodology
Training
Mentorship
Information Technology
Computer Science
Information Systems
Systems Analysis
Application Development
System Administration
Auditing
CISA
Security Management
CISM
CISSP
Cloud Security
Cisco Certifications
Security Controls
Cloud Computing
SaaS
PaaS
IaaS
Network
Analytical Skill
Conflict Resolution
Problem Solving
Writing
Organizational Skills
Attention To Detail
Information Security
Management
ISO/IEC 27001:2005
Payment Card Industry
MEAN Stack
Customer Service
Training And Development
SAP BASIS
Job Details
Software Guidance & Assistance, Inc., (SGA), is searching for an Cyber Security Architect for a CONTRACT TO HIRE assignment with one of our premier Pharmaceutical clients in Pennsylvania . This position is fully remote however candidates should be located in EST/CST time zones
This is a good fit for you if you are a mid to senior level Information Security or Cyber Security Professional. As an Information Security Architect, you would hold an influential role. Your key responsibility would be to enhance the security of applications and systems. You would also play a pivotal role in reducing the likelihood of coding, design or configuration vulnerabilities affecting production environments, thereby mitigating potential security risks.
Your responsibilities will include collaborating with business and technical resources, reviewing project documentation, and referencing security policy to offer recommendations and guidance. You will also have the authority to approve or reject project artifacts from a security perspective, ensuring the highest level of security for the organization's systems, processes, and software applications. Responsibilities will include:
Responsibilities :
Defining security requirements by evaluating business strategies and requirements; researching information security standards
Providing consulting services and security support to internal business and technology customers
Serving as the lead security liaison on assigned projects.
Providing input and recommendations to the development teams related to architecture, design, coding practices and SDLC elements that could potentially impact the application or solution from a security perspective.
Validating controls for Encryption, Access Control, Web Application Vulnerability Detection, OWASP top 10 and other common web application security parameters.
Reviewing application architecture and design from an application security and information security perspective ensuring alignment with organization security standards and industry best practices.
Serving as a subject matter expert (SME) for performing vendor risk assessments (including Cloud Services) to improve overall vendor risk program.
Assisting with the development of secure coding standards
Providing technical expertise on secure software development and support of all associated activities, processes, and tools for protecting technology-based information
Ensuring that development is done in accordance with industry standards for secure development
Facilitating Periodic static code analysis utilizing existing standard service offering.
Facilitating dynamic and/or manual security testing utilizing existing standard service offering
Reviewing, developing, testing, and implementing security plans, products, and control techniques
Reviewing circumstances surrounding security gaps in and designs corrective actions
Maintaining awareness of security and technology trends and shares that knowledge with others
Evangelizing security policies, standards, and nonfunctional requirements where/when needed
Daily and Weekly Status Reporting - for Work in Process and Planned and issues
Documenting processes, procedures, assessment outputs, working papers documentation to support existing SDLC and governance requirements
Representing security and IT risks among other company risk departments and committees.
Evaluating the effectiveness of awareness and training programs and makes recommendations for improvement.
Mentoring less-experienced team members and collaborating across Information Technology
What your background should look like
Bachelor's Degree in Computer Science, Information Systems or other related field, or equivalent work experience
10-15 years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, systems administration and over five years of experience designing and deploying security for Business products and services and Enterprise solutions at the enterprise level.
Preferred Certification in one or more Information Security relevant areas such as Audit (CISA), Security Management (CISM), Security Professional (CISSP), Cloud Security (CCSP, CCSK, AZ500
Requires in-depth knowledge of security issues, techniques and implications across all existing computer platforms.
Experience with evaluating and implementing security controls as related to Cloud based services including SaaS, PaaS, IaaS.
Strong computer skills to operate effectively with company systems and programs; working knowledge of applicable computer applications used at the firm
Working knowledge of network solutions and systems
Good analytical and problem-solving skills
Ability to communicate effectively both orally and in writing
Good interpersonal skills
Ability to prioritize workload and consistently meet deadlines
Strong organizational skills; attention to detail
Ability to lead and provide direction to project/product teams
Strong consultative skills: ability to interface effectively with technical and non-technical leaders.
Understands Information Security as it relates to the business and other areas of IT; understands direct impacts and risks.
Demonstrated sound understanding of at least 3 of the following control frameworks such as ISO 27001/27002, HITRUST, PCI, NIST, GDPR and PCI
Business experience in a matrix Organization required
SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at .
SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities. Please visit our company to request an accommodation or assistance regarding our policy.
This is a good fit for you if you are a mid to senior level Information Security or Cyber Security Professional. As an Information Security Architect, you would hold an influential role. Your key responsibility would be to enhance the security of applications and systems. You would also play a pivotal role in reducing the likelihood of coding, design or configuration vulnerabilities affecting production environments, thereby mitigating potential security risks.
Your responsibilities will include collaborating with business and technical resources, reviewing project documentation, and referencing security policy to offer recommendations and guidance. You will also have the authority to approve or reject project artifacts from a security perspective, ensuring the highest level of security for the organization's systems, processes, and software applications. Responsibilities will include:
Responsibilities :
Defining security requirements by evaluating business strategies and requirements; researching information security standards
Providing consulting services and security support to internal business and technology customers
Serving as the lead security liaison on assigned projects.
Providing input and recommendations to the development teams related to architecture, design, coding practices and SDLC elements that could potentially impact the application or solution from a security perspective.
Validating controls for Encryption, Access Control, Web Application Vulnerability Detection, OWASP top 10 and other common web application security parameters.
Reviewing application architecture and design from an application security and information security perspective ensuring alignment with organization security standards and industry best practices.
Serving as a subject matter expert (SME) for performing vendor risk assessments (including Cloud Services) to improve overall vendor risk program.
Assisting with the development of secure coding standards
Providing technical expertise on secure software development and support of all associated activities, processes, and tools for protecting technology-based information
Ensuring that development is done in accordance with industry standards for secure development
Facilitating Periodic static code analysis utilizing existing standard service offering.
Facilitating dynamic and/or manual security testing utilizing existing standard service offering
Reviewing, developing, testing, and implementing security plans, products, and control techniques
Reviewing circumstances surrounding security gaps in and designs corrective actions
Maintaining awareness of security and technology trends and shares that knowledge with others
Evangelizing security policies, standards, and nonfunctional requirements where/when needed
Daily and Weekly Status Reporting - for Work in Process and Planned and issues
Documenting processes, procedures, assessment outputs, working papers documentation to support existing SDLC and governance requirements
Representing security and IT risks among other company risk departments and committees.
Evaluating the effectiveness of awareness and training programs and makes recommendations for improvement.
Mentoring less-experienced team members and collaborating across Information Technology
What your background should look like
Bachelor's Degree in Computer Science, Information Systems or other related field, or equivalent work experience
10-15 years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, systems administration and over five years of experience designing and deploying security for Business products and services and Enterprise solutions at the enterprise level.
Preferred Certification in one or more Information Security relevant areas such as Audit (CISA), Security Management (CISM), Security Professional (CISSP), Cloud Security (CCSP, CCSK, AZ500
Requires in-depth knowledge of security issues, techniques and implications across all existing computer platforms.
Experience with evaluating and implementing security controls as related to Cloud based services including SaaS, PaaS, IaaS.
Strong computer skills to operate effectively with company systems and programs; working knowledge of applicable computer applications used at the firm
Working knowledge of network solutions and systems
Good analytical and problem-solving skills
Ability to communicate effectively both orally and in writing
Good interpersonal skills
Ability to prioritize workload and consistently meet deadlines
Strong organizational skills; attention to detail
Ability to lead and provide direction to project/product teams
Strong consultative skills: ability to interface effectively with technical and non-technical leaders.
Understands Information Security as it relates to the business and other areas of IT; understands direct impacts and risks.
Demonstrated sound understanding of at least 3 of the following control frameworks such as ISO 27001/27002, HITRUST, PCI, NIST, GDPR and PCI
Business experience in a matrix Organization required
SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at .
SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities. Please visit our company to request an accommodation or assistance regarding our policy.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.