Loading...

Information Security Architect

Date:  Apr 6, 2021
Location: 

Rancho Cordova, CA, US, 95670

Company:  NCA - NEC Corporation of America

Location: Rancho Cordova, CA

 

Information Security Architect

 

The Information Security Architect will be responsible for the implementation and support of a comprehensive Information Security Process for the Advanced Recognition Systems group within NEC.  In this critical role, you will have the opportunity to work with senior leadership to ensure information security risks are detected, responded to, and proactive measures are implemented.  A key responsibility will be to ensure the appropriate controls are in place that comply with the organization’s information security policies, standards, operating procedures, industry best practices and regulatory requirements.  You will provide oversight and continual improvement to the organization’s Information Security Management System based on ISO 27001:2013. One main focus will be woking with our CIO to develop an effective ISMS and get us through the ISO 27001 certification process.

 

The ideal candidate for this role will have strong technical skills with accountability for driving the execution of the information security management system and program.  Working effectively within a matrix organization, must be able to handle multiple priorities in an efficient manner, and communicate effectively with senior leadership and employees.

 

DUTIES AND RESPONSIBILITIES:

  • In conjunction with corporate wide initiatives, develops, implements, and maintains comprehensive Information Security strategies, that will support a best-in-class Information Security Management System for the organization. 
  • Supports comprehensive ISMS Risk Management Process.
  • Nurtures the culture that stays current on the latest information security trends, emerging technologies, threats, and incorporates appropriate safeguards into the organization’s Information Security Program.
  • Enforces security policies, procedures and work plans based on industry best practices.  Plans include security of on-premises and cloud-based infrastructure/assets.
  • Leads information security incident management process as well as execute the role of incident manager for major information security incidents.
  • Identify solutions and implement automation of vulnerability scanning and detection and for monitoring of the organization’s infrastructure, applications, and network.  Manages these activities at the infrastructure and software code level.
  • Improves information security awareness and training programs in partnership with functional stakeholders.
  • Monitors recent information security threats and assists in a development of proactive solutions to mitigate risk at project and maintenance levels.
  • Supports Software Asset Management Process
  • Provides advice, educates management teams of latest breaches and security threats on their relative importance, risk, and financial impact for customer specific engagements.
  • Supports audit plan development in partnership with the ISMS Manager and corporate audit team (or 3rd party vendor) and ensure audit gaps are remediated in a timely manner.

 

Prerequisites:

Education: BS or BA with 6+ years of progressive Information Security or IT experience with 5+ years in leading information security programs; MS or MBA is preferred

Experience:  Experience in information security strategy execution, and project management in a complex, matrixed organization.  Experience in data classification, data Loss prevention, network and system security.  Public Cloud security experience is a plus.  Experience with ISO 27001 ISMS implementation and maintenance.

Certifications:  CISSP, CCSP, or CISM preferred

 

Specialized Knowledge and Skills:

Interpersonal Skills:  Highly developed communication skills; The ability to interact effectivly  with people across the enterprise and within a matrix organization to accomplish assigned tasks is a must.  Must be able to affect cultural changes and be a champion for security initiatives.

Mathematical Skills:  Basic mathematics and logic are necessary.  Ability to calculate cost/benefit analysis for security tools, implementations, and mitigation plans.

Reasoning Skills:  Must take initiative, be able to work independently, and  produce measurable results that positively impact the organization’s security posture; the ability to collect and filter relevant data valid for decision-making in a dynamic environment, and to integrate market demands, requirements, and limitations into decisions that benefit the overall posture.

Technical Skills:  Advanced security knowledge and ability to use the software required.  Knowledge of automated security scanning, hardening, and software-level analysis tools is necessary. Experience with ISO 27001:2013.

 

ABOUT NEC CORPORATION OF AMERICA

Headquartered in Irving, Texas, NEC is a leading provider of innovative IT, biometrics, network, and communications products and solutions for service carriers and Fortune 1000 and SMB businesses across multiple vertical industries, including healthcare, government, education, and hospitality. NEC delivers one of the industry's broadest portfolios of technology solutions and professional services, including unified communications, wireless, voice and data, managed services, server and storage infrastructure, optical network systems, microwave radio communications, and biometric security. NEC is a wholly owned subsidiary of NEC Corporation, a global technology leader with a presence in over 44 countries and more than $37.5 billion in revenue. For more information, please visit www.necam.com.

NEC Corporation of America and its subsidiaries is committed to the maximum utilization of all human resources and the goal of Equal Employment Opportunity/Affirmative Action. We provide equal opportunities to all employees and applicants for employment without regard to race, color, religion, national origin, sex, sexual orientation, age, marital status, disability, genetic characteristics, height, weight, arrest record pertaining to misdemeanors or status as a Vietnam era or special disabled veteran, or any other class protected by applicable federal, state or local laws.

EOE-Minorities/Females/Protected Veterans/Individuals with Disabilities.


Nearest Major Market: Sacramento

Job Segment: Information Security, Architecture, Network, Telecom, Telecommunications, Technology, Engineering