Information Security Sr. Architect, Dir.

Company: FHLBank San Francisco
Location: San Francisco
Posted on: June 25, 2022

Job Description:

Job Description:Individual contributor responsible for designing, building, testing, and implementing information security systems and solutions to protect the Bank's computing environment. The Security Architect is expected to obtain a thorough understanding of the Bank's business operations to align security strategy and controls. Job duties will also include risk assessments, testing for vulnerabilities, performing evaluations of security products, researching security systems, standards, and authentication protocols. The Security Architect may be required to assist with the engineering and operations of the Bank information security systems. The Security Architect will play a key role to maintain a strong information security program.Major Accountabilities:Design information security solutions that balance business requirements with information and cybersecurity requirements.Review current system security measures, recommend and implement enhancements to improve or maintain the Bank's information security posture.Plan, research, and design robust security architectures for IT projects.Define and document security requirements by evaluating business strategies and requests.Document and update security standards, policies, and procedures.Maintain security by monitoring and ensuring compliance to standards, policies, and proceduresIdentify security gaps and design solutions to minimize risk to the organization.Investigate security related alerts and analyze events for impact and escalation., when requiredAssist in preparing documentation and solutions that remediate security issues and cyber incidents.Provide guidance and assistance to members of the security operations and engineering team.Regularly communicate vital information, security needs, and priorities to management.Stay current on informaiton security trends and news, including researching emerging technologies and maintain awareness of current security risks.Participate in security vulnerability assessments and penetration tests on Bank systems and applications.Participate in periodic policy compliance reviews, risk assessments, and control testing.Participate in internal security audits and investigations.Participate in rotating on-call system administration support including but not limited to weekends, holidays and after-business hours as required to service the needs of the business.Skills/Knowledge:Experience:Ability to utilize emerging technologies to design and implement security solutions; monitoring and improving those solutions while working with an information security teamProven ability to consult and engineer the design and development of security best practices; implementation of security measures to meet business goals, customer needs and regulatory requirementsExperience with designing security solutions for on premise and cloud computing, including protections against data breaches, hacking, account hijacking, malicious insiders, third parties, authentication attacks, APTs, data loss, and DoS attacksExperience with identity and access management and privilege account management; tracking and creating/enforcing policies that govern access sensitive technology resources and information assetsMinimum of six years of hands-on experience in an Information Security role.Bachelor's degree in Computer Science, Information Systems, a related field, or equivalent work experience, is required.Banking and/or financial services industry experience, a plus.General Skills:Strong communication, critical thinking, and analytical skillsProven leadership, project and team-building skills, including the ability to lead teams and drive initiatives in multiple departmentsDemonstrated ability to identify risks associated with business processes, operations, technology projects and information security programsAbility to function as an enterprise security subject matter expert who can explain complex topics to those without a technical backgroundSelf-motivated, organized and able to multi-task, prioritize, and adhere to deadlines.Able to operate independently and effectively.Excellent written and verbal communication skills, demonstrating the ability to write with purpose, clarity, and accuracy to both technical and non-technical audiences.Technical Skills:Detailed knowledge of the following areas: Windows and Linux Security, Networking Security, Vulnerability Management, Cloud Security, Identity and Access Management.Strong understand of security concepts and hands-on with tools and systems such as firewalls, IDS/IPS, SIEM, manage antivirus/antimalware, patch management, NAC, DLP, and vulnerability scanners.Knowledge of risk assessment procedures, policy creation and compliance, understand and leverage security attack frameworksIndustry certification is a plus: GIAC Security Essentials, Certified Ethical Hacker, GIAC Certified Incident Handler, Certified Security Administrator (firewall), CISSP.Programming knowledge, a plus (Perl, Python, C, PowerShell, Ruby, SOAP, XML, Java/Hadoop).Knowledge of compliance and regulatory program requirements, a plus (such as HIPAA, ISO 27000, NIST, FISMA, and SOC standards).At the Federal Home Loan Bank of San Francisco, our top priority is the health and safety of our team members, our families, and the communities we serve. As part of our commitment to health and safety, the Bank requires all employees to be fully vaccinated against COVID-19 as a condition of employment. New employees must be able to provide proof of vaccination on their first day of work. A person is considered fully vaccinated two weeks after the second dose of a two-dose COVID-19 vaccine or two weeks after a single-dose COVID-19 vaccine has been administered.If you are unable to be vaccinated against COVID-19 because of a sincerely held religious belief, medical condition, or disability, the Bank will consider requests for accommodation in accordance with applicable law.Qualifications:The Federal Home Loan Bank of San Francisco is an Equal Employment Opportunity employer and is committed to a diverse workforce. We value and actively seek to recruit, develop, and retain individuals with varied backgrounds and experiences reflecting the full diversity of the communities that we serve. It is the policy of the Bank to comply with all applicable laws concerning the employment of persons with disabilities.

Keywords: FHLBank San Francisco, San Francisco , Information Security Sr. Architect, Dir., Other , San Francisco, California