Internet Storm Center

Job Description

Technical Summary

If you like being the security mastermind behind national scale, business critical and high visibility projects, then this is the job for you! Your typical day will range from security design reviews of critical applications and systems (such as patient record systems, payment systems, IoT devices, APIs, mobile applications, ML/AI systems…you name it!) which has a direct impact on people’s lives to designing complex security capabilities as well as authoring artifacts such as guardrails, design patterns etc. which help scale security capabilities nationally. You will gain visibility across the whole organization in this role and would have the opportunity to work with architects, engineers, product owners and executives.

*Salary depends on years of experience over the minimum qualifications and specific candidate location. Range for Northern California candidates is $164000 - $212190 / year.

*Candidates must reside within one of the following KP regions (or willing to re-locate at their own expense): WA, CA, OR, VA, MD, GA, HI, DC, NY, CO.

Job Summary

This role serves as a security expert and business advisor for one or more KP business lines by demonstrating an understanding of the key business attributes for assigned business line(s), and providing security architecture guidance through various phases of security architecture projects. This position is responsible for having a deep understanding of at least one application domain, including web, mobile, ERP, and/or mainframe, and having broad understanding of other architecture domains.


Essential Responsibilities

Conducts or oversees business-specific projects by applying deep expertise in subject area; promoting adherence to all procedures and policies; developing work plans to meet business priorities and deadlines; determining and carrying out processes and methodologies; coordinating and delegating resources to accomplish organizational goals; partnering internally and externally to make effective business decisions; solving complex problems; escalating issues or risks, as appropriate; monitoring progress and results; recognizing and capitalizing on improvement opportunities; evaluating recommendations made; and influencing the completion of project tasks by others.

Practices self-leadership and promotes learning in others by building relationships with cross-functional stakeholders; communicating information and providing advice to drive projects forward; influencing team members within assigned unit; listening and responding to, seeking, and addressing performance feedback; adapting to competing demands and new responsibilities; providing feedback to others, including upward feedback to leadership and mentoring junior team members; creating and executing plans to capitalize on strengths and improve opportunity areas; and adapting to and learning from change, difficulties, and feedback.

Defines and communicates the architecture standards, guidelines, and statements of direction by facilitating the design and establishment of architecture standards or controls.

Reviews and contributes to architecture standards or controls which allow business needs to be met.

Creates architectures for large scale, high-impact, or high-cost technology solutions by collaborating with other architects to develop the target state.

Leads the development of solution architectures, roadmaps, and system transition plans to align business, applications, data, integration, and/or infrastructure architecture.

Collaborates with project teams and business users to create architecture artifacts (for example, logical, conceptual, physical) to guide detailed design.

Participates in the adoption of new high-impact technologies by researching technical trends and developments.
Helps determine the selection of technologies.

Collaborates with IT and business leadership and participates in making decisions regarding new technology.

Demonstrates a full understanding of the architecture best practices for assigned domain(s) and educates others throughout the organization on the function of architecture methodologies, governance, and standards by serving as a subject matter expert across business and/or IT teams, and presenting to internal and external audiences, including senior leadership.

Develops reports for executives, business leaders, and IT management to communicate the impact of architecture practices.
Coordinates with architects and other stakeholders to facilitate the continuous development and drive consensus on changes to the company's architecture practices.

Develops and establishes architectural best practices that guide the design of technology solutions.
Contributes to the development of the architecture strategy and technology direction by providing domain knowledge on solutions and technology.

Provides expertise and shares an understanding of current capability gaps, architectural gaps, and market and industry trends that can be used to set future direction.


Minimum Qualifications

Minimum four (4) years experience in information security, including at least Minimum two (2) years in security architecture for a medium to large size organization.
Minimum two (2) years experience with modeling techniques (e.g., BPMN, UML, ER).
Minimum three (3) years experience translating solution requirements into technical architecture requirements.
Minimum two (2) years in a technical leadership role with or without direct reports.
Bachelors degree in Computer Science, CIS, Engineering, Business, or related technical field and Minimum eight (8) years IT experience delivering technical solutions, including at least Minimum four (4) years working on projects related to IT architecture. Additional equivalent work experience may be substituted for the degree requirement.

Preferred Qualifications

Three (3) years information security experience as a subject matter expert working across two or more technology layers (e.g., application, network, platform, data).
Three (3) years experience designing security architecture for current and emerging technology landscape (e.g., enterprise email, network, cloud, big data, wireless, etc.).
Three (3) years experience translating business requirements and priorities into security architecture standards.
Four (4) years experience architecting, designing, and implementing enterprise-scale, high volume, high availability systems.
Two (2) years data architecture experience.
Two (2) years application architecture experience.
Two (2) years infrastructure architecture experience.
Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or other comparable security certification.