Information Security Architect

**What's this role about?**

**Here's how you'll contribute**:
You'll do this by:
Core Skills:
Desired Skills:
**How we’d like you to lead**:
**Advantage Zensar**

We are a technology consulting and services company with 11, 800+ associates in 33 global locations. More than 130 leading enterprises depend on our expertise to be more disruptive, agile and competitive. We focus on conceptualizing, designing, engineering, marketing, and managing digital products and experiences for high-growth companies looking to disrupt through innovation and velocity.

Zensar Technologies is an Equal Employment Opportunity (EEO) and Affirmative Action Employer, encouraging diversity in the workplace. Please be assured that we will consider all qualified applicants fairly, regardless of race, creed, color, ancestry, religion, sex, national origin, citizen status, age, sexual orientation, gender identity, disability, marital status, family medical leave status, or protected veterans’ status.

Zensar is a place where you are free to express yourself in an environment that values individuality, nurtures development and is mindful of wellbeing. We put our people and customers at the center of everything that we do. Our core values include:

- Putting people first
- Client-centricity
- Collaboration

**Architect II Job Description**

**What you will be doing**
- Defining security requirements by evaluating business strategies and requirements; researching information security standards
- Providing consulting services and security support to internal business and technology customers
- Serving as the lead security liaison on assigned projects.
- Assisting with the development of secure coding standards
- Providing technical expertise on secure software development and support of all associated activities, processes, and tools for protecting technology-based information
- Ensuring that development is done in accordance with industry standards for secure development
- Facilitating Periodic static code analysis utilizing existing standard service offering.
- Facilitating dynamic and/or manual security testing utilizing existing standard service offering
- Reviewing, developing, testing, and implementing security plans, products, and control techniques
- Reviewing circumstances surrounding security gaps in and designs corrective actions
- Maintaining awareness of security and technology trends and shares that knowledge with others
- Evangelizing security policies, standards, and nonfunctional requirements where/when needed
- Daily and Weekly Status Reporting - for Work in Process and Planned and issues
- Documenting processes, procedures, assessment outputs, working papers documentation to support existing SDLC and governance requirements
- Representing security and IT risks among other company risk departments and committees.
- Evaluating the effectiveness of awareness and training programs and makes recommendations for improvement.
- Mentoring less-experienced team members and collaborating across Information Technology

**What your background should look like**
- Bachelor's Degree in Computer Science, Information Systems or other related field, or equivalent work experience
- Preferred Certification in one or more Information Security relevant areas such as Audit (CISA), Security Management (CISM), Security Professional (CISSP), Cloud Security (CCSP, CCSK, AZ500
- Requires in-depth knowledge of security issues, techniques and implications across all existing computer platforms.
- Experience with evaluating and implementing security controls as related to Cloud based services including SaaS, PaaS, IaaS.
- Working knowledge of network solutions and systems
- Good analytical and problem-solving skills
- Ability to communicate effectively both orally and in writing
- Good interpersonal skills
- Ability to prioritize workload and consistently meet deadlines
- Strong organizational skills; attention to detail
- Ability to lead and provide direction to project/product teams
- Strong consultative skills: ability to interface effectively with technical and non-technical leaders.
- Understands Information Security as it relates to the business and other areas of IT; understands direct impacts and risks.
- Demonstrated sound understanding of at least 3 of the following control frameworks such as ISO 27001/27002, HITRUST, PCI, NIST, GDPR and PCI
- Business experience in a matrix Organization required