Required Skills
• In-depth exposure to technical configurations, technologies, and processing environments in one or more projects of similar size and complexity to BEST.
• In-depth knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls.
• Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans.
• Documented experience with common information security management frameworks, such as International Organization for Standardization (ISO) 2700x and the ITIL, SOX, COBIT and National Institute of Standards and Technology (NIST) frameworks.
• Eperience in architecting and implementing cloud-based security solutions.
• Strong knowledge of security tools and capabilities, such as: IDM and SSO.
• Extensive experience in integrating security tools and 3rd party vendor solutions.
• Exceptional planning, organization, communication, prioritization, and business analysis skills.
• In-depth knowledge of risk assessment methods and technologies.
• Proficiency in performing risk, business impact, control, and vulnerability assessments.
• Excellent technical knowledge of mainstream operating systems and a wide range of security technologies, such as network security appliances, identity, and access management (IAM) systems, anti-malware solutions, privilege access management (PAM), data loss prevention (DLP), encryption at-rest and in-transit, multi-factor
• Experience with Software as a Service cloud implementations particularly those in which legacy on premise applications have been migrated to cloud delivery options.
• Security solution design and development leveraging multiple security teams with disparate roles and responsibilities using a cloud SaaS solution.
• Experience in migrating security solutions from legacy on-premises environment into a cloud solution within a highly regulated environment.
• Experience in performing / supporting security audits and compliance validation.
• Documented ability to interact with personnel at all levels and across all business units and organizations, and to comprehend business imperatives.
Minimum Entrance Requirements
• Bachelor's degree in computer science, system analysis or a related study, or equivalent experience.
• Minimum of five years of design and implementation experience in IT, with a deep knowledge in a minimum of two of the following technical disciplines: infrastructure and network design, application development,
application programming interfaces (APIs), middleware, servers and storage, database management, data security, and system administration and operations
• Experience in generation of Security materials, including but not limited to compliance adherence, security operational procedures, security implementation plans, and network and security diagrams.
• Minimum of three years of security architecting design and implementation with security certifications, such as: SIA Security +
Bachelor's degree