You Are:

The Information Security Architect Professional will work in the Information Security Delivery Risk & Compliance team in the CISO organization. They will be responsible for reading and comprehending stated and derived security requirements in government solicitations and contracts and providing recommendations to design and implement secure solutions. 

This role will require active collaboration with a variety of different technology teams within AFS IT, AFS Information Security, AFS Technology Growth Platform, and Accenture Information Security to promote secure engineering practices. The candidate should have a strong understanding of external regulations and best practices as well as unique business needs and capabilities. The candidate will have expertise in one or more of the following areas: cloud security, application security, network security.

 Responsibilities Include:

• Identify and interpret contractual security requirements to ensure alignment with organizational policies, standards, and regulatory requirements.
• Provide expert recommendations on information security best practices and solutions to meet contractual security requirements. This includes assessing existing systems and proposing enhancements to improve security posture.
• Interact with and advise senior and executive management on contractual matters; In consultation with appropriate subject matter experts, provides interpretation of contractual, regulatory and legal requirements to management and internal customers.
• Articulate security concerns related to the proposed solution and provide guidance to minimize risks.
• Identify security requirements by evaluating business needs and technical requirements and relate them to required/desired security controls.
• Act as an advisor and business enabler to IT teams seeking guidance on security practices and controls to support secure solution design.
• Liaise with other security architects and security practitioners to share best practices and insights.
• Remain aware of developments and changes in the digital business and threat environments to ensure they are adequately addressed in security strategy plans and architecture artifacts.
• Stay up-to-date on the state of enterprise IT and security tools, trends, and processes.

Here's What You Need:

• US Citizenship required.
• 3 years of experience in IT or information security engineering
• 2 years of experience with application and network security principles
• 2 years of experience with Microsoft cloud services (e.g., Azure Active Directory, Azure IaaS/PaaS, Office 365)
• Strong understanding of secure web application network protocols (HTTP(S), TLS, SFTP, etc.)
• Understanding of the OWASP Top 10 application security risks and its mitigations

Bonus Points if you have:

• 3 years direct security architect experience
• Prior experience performing ongoing maintenance and operations of security technologies (e.g. management of firewalls, IDS/IPS, endpoint security, etc.)
• Knowledge of US security requirements related to regulations/standards such as NIST SP 800-171, 800-53, RMF, ISO 27001, SOX, etc.
• Experience using Agile within project or development teams.
• Certifications: CISSP, CISSP-IASSP, CISM, SSCP, SANS GIAC (e.g. GCIA, GCIH, GPEN), CASP, CCNP Security
• An active security clearance or the ability to obtain one may be required for this role.