Senior Architect- Encryption

POSITION PURPOSE -
The Senior Encryption Architect is responsible for engineering aspects of the company’s Public Key Infrastructure (PKI) and encryption services. The encryption team supports both internally and externally hosted Certification Authorities (CAs), a centralized Certificate Lifecycle Management (CLM) system, Hardware Security Modules (HSMs). The encryption team also provides support across the enterprise regarding data protection and cryptography technologies.

Scope of Activities:
Design and lead the encryption domain by aligning business requirements and IT strategies, detecting critical deficiencies, and recommending solutions for continuous improvement.
Monitor and administer certificate usage/deployment/expiration and ensure compliance with corporate security standards
Design and assist in testing changes/additions to the encryption infrastructure
Design and Lead the POCs around PKI, encryption and other certificate related technologies
Ensure 24x7 uptime of encryption services
Document, recommend and review encryption projects (for example, business requirements, architectural design and build/operate artifacts).
Work with information security leadership and cross-functional teams to develop strategies and plans to enforce security requirements and address identified risks.
Involved in planning the delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
Research and assess new threats and security alerts and recommend remedial actions.

MAJOR TASKS, RESPONSIBILITIES AND KEY ACCOUNTABILITIES - 
Performs the necessary leadership, facilitation, analysis and design tasks related to the development of enterprise encryption solutions.
Lead investigation of high level complex violations of Information Security Policies and direct activity to analyze forensic data from Sr. Analysts. Develop recommendations and take appropriate action.
Present to Information Technology management development/implementation plan for secure solutions.
Present findings to manager on compliance reporting for Information Securities Policies.
Drive the Disaster Recovery and Business Continuity strategy.
Provide technical direction to analysts, associates and contractors.
Develop Information Security Policies, Standards and Guidelines.
Automate access provisioning across supported systems and applications with documentation. Direct, define and provide audit reporting.
Lead design, development, and deployment of technical and application solutions to meet business requirements across an IT portfolio that are cost effective and sustainable.
Deliver conceptual, logical, and physical solution specifications.
Provide input into annual budget planning for technology migrations and project cost estimation.
Research, identify, test, certify, and select technology products required for solution delivery.
Establish and implement technology migration strategies and provide technical oversight across an IT portfolio.
Drive implementation and use of technology governance processes.
Select, develop, and motivate assigned staff.

PREFERRED QUALIFICATIONS – 
Master’s degree in computer science, systems analysis or a related study, or equivalent experience.
Minimum 5 years’ experience related to cryptographic principles and concepts, including architecture, design, monitoring, management, and operations
System administrative skills for both Windows and Linux OS
Proficient in the submitting configuration change requests for Firewalls, Load Balancers and 2-factor authentication
Design and lead the encryption domain by aligning business requirements and IT strategies, detecting critical deficiencies, and recommending solutions for continuous improvement.
Monitor and administer certificate usage/deployment/expiration and ensure compliance with corporate security standards
Design and assist in testing changes/additions to the encryption infrastructure
Lead the definition of POCs around PKI, encryption and other certificate related technologies
Ensure 24x7 uptime of encryption services
Knowledge of business process re-engineering principles and processes.
Basic knowledge of financial models and budgeting.
Understanding of the political climate of the enterprise, and how to navigate the political waters.
Thorough understanding of Information Security frameworks and best practices (e.g. ISO, NIST),
Strong leadership skills.
Knowledge of business process re-engineering principles and processes.
Basic knowledge of financial models and budgeting.
Understanding of the political climate of the enterprise, and how to navigate the political waters.
Ability to understand the long-term ('big picture') and short-term perspectives of situations.
Ability to estimate the financial impact of technical architecture alternatives.
Ability to apply multiple technical solutions to business problems.

NATURE AND SCOPE - 
Typically reports to Director or Enterprise Architect, Security or Information Technology 

ENVIRONMENTAL JOB REQUIREMENTS - 
Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable. 
Typically requires overnight travel less than 10% of the time.

MINIMUM QUALIFICATIONS - 
Must be eighteen years of age or older. 
Must pass the Drug Test. 
Must successfully complete any required training or orientation courses. 

EDUCATION REQUIRED - 
The knowledge, skills and abilities typically acquired through the completion of a high school diplomas and/or GED. 

YEARS OF RELEVANT WORK EXPERIENCE - 10

PHYSICAL JOB REQUIREMENTS - 
Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles. 

ADDITIONAL QUALIFICATIONS - 
Direct hands-on experience with one or more of the following InfoSec solutions: Anti-Virus, intrusion detection, firewalls, content filtering, rick assessment. 

KNOWLEDGE, SKILLS, ABILITIES AND COMPETENCIES - 
Expert technical proficiency in one or more of the following: Retail applications, Windows platform, UNIX platforms, MVS COBOL, JAVA, J2EE, Relational Databases, Websphere Application Server, Websphere Commerce, Websphere MQ, Networking (Voice, LAN, WAN), SAP, Siebel, Peoplesoft. Comprehensive understanding of systems, applications, and/or networks so that practical solutions can be provided that factor system performance, usability, quality, cross-system interdependencies, scalability, and overall cost to develop and maintain. Advanced problem solving and analytical skills. Advanced oral and written communications skills.