Security Architect Location: Jersey City, NJ
Duration: 6+ months Face To Face Interview Department Function The Architecture & Standards office is responsible for: •Developing and maintaining our enterprise architecture •Reference standards that support the architecture •Ensuring that the standards and architecture are aligned with the IT Strategy •Best practices to ensure that the implementation of technology solutions is delivered in support of our overall mission •Coordinating resources to address Central Technology Issues Position Summary Reports to the Enterprise Security Architect for Architecture, who is responsible for providing highly advanced technical and analytical skills to the Architecture & Standards Office. Works with the Enterprise Security Architect to maintain the corporate vision of application and technology security architecture. Engages with staff throughout all solutions to communicate security standards, guidelines and strategies. Works with project teams to ensure technical quality of security-focused deliverables and adherence to security standards, governance and controls practices. Considered a security and technical expert in technology architecture, security architectures, systems implementation and integration. Conducts technical research as necessary to contribute to help with setting direction and strategy. Works with other teams, where applicable, on security projects or on security-relevant tasks on technical projects. Principle Responsibilities: Application and Technology Architecture •Assists in drafting conceptual and logical architecture specifications at both the enterprise and project level with a focus towards security •Assists in maintaining, updating, and otherwise ensures continued relevance of Enterprise Security Architecture (ESA) •Works with other teams to evolve legacy products to adherence to ESA •Assists project teams during system design with the drafting of logical architectural models with a focus on security •Assists project teams during system design to promote the efficient re-use of IT assets •Advises project teams during system development to assure compliance with security principles, guidelines, standards, controls, and governance •Shares our security vision with key stakeholders by organizing discussions and formal presentations (XLUs) •Participates in working groups of subject matter experts for definition and review of security standards, guidelines, principles, governance and controls •Provides technical guidance to cross-functional application development teams •Contributes to the technology strategy, vision, requirements, and solutions for enterprise initiatives •Designs, develops, and implements new security technologies as necessary to support DTCC business and technology solutions Application Design •Consults with application development teams to determine security requirements and for planning and delivering business solutions Process Management •Assists in the development of estimates for security projects •Contributes to defining time tables and project plans •Assists in the definition of milestones and progress tracking •Assists in coordinating the monitoring of the life cycle of specific IT assets •Identifies, understands and documents extensions to, and variants from, security and architecture standards. Firm/Enterprise Architecture Related •Enables us to implement the most optimal and effective, business solutions •Maintains understanding of existing applications and technology solutions for leveraging the reuse of services and for the consolidation of services. •Identifies and researches opportunities for converging diverse solutions to a single architecture. •Develops and documents architecture solutions, including designs, guidelines and architecture-specific standards for enterprise-wide implementation. •Leads and enables collaboration across technology specialties – ensures that ADM, Infrastructure, Information Security and Architecture are all working together •Obtains concurrence and agreement on architecture solutions from, as applicable: Applications Development, Infrastructure, Technology Risk Management, Internal Audit, and Product Management. •Supports adherence to relevant ADM/CMMI, ITIL, internal audit, and risk-management standards. Assists in architecting the group’s security policies to ensure compliance with relevant departmental, company-wide, and industry-mandated policies and directives. •Maintains understanding of emerging architecture concepts and methods and associated technology trends. •Conducts presentations and education on Architecture’s concepts and solutions to appropriate areas. •Participates in the design, specification, and implementation of business and technology projects, assuring and resolving adherence to enterprise-wide solutions. •Provides guidance and leadership for our technology standardization process •Works across IT to identify opportunities for reusing technology Technology Related •Assists in defining standards and policies for the security, compliance and governance of data and information stored or processed at an external Cloud provider, including IaaS (Infrastructure), PaaS (Application Platform) and SaaS (Software) models •Work with teams to assist in establishing an Enterprise Cloud strategy, standards and best practices associated with all aspects Cloud offerings. This includes, but is not limited to: •Secure and compliant data and messaging egress and ingress •Federated authentication and authorization models •Automated workload lifecycle management •Data and information at rest encryption and security •Application porting, integration and maintenance •On-demand, self-service access to Enterprise Cloud applications, platforms and offerings •Overall cloud management tools, monitoring, alerting, chargeback, capacity and performance management, and service level objective definitions. Experience (Mandatory): •Minimum of 10 years’ experience in security architecture, system integration, application development and system analysis •Minimum of 5 years’ experience in IT platform, storage, and network virtualization architecture and engineering, including: • Knowledge of private, hybrid and public cloud offerings and vendors • Knowledge of the complete VMware datacenter and desktop technology stack. • Knowledge of alternative hypervisor platforms and their management capabilities (Xen, XenServer, KVM, Hyper-V). • Knowledge of storage and network virtualization technologies, capabilities, trends and the automated interaction with the physical infrastructure (EMC, NetApp, HP, Cisco). • In depth knowledge of virtualization management and monitoring technologies, capabilities and market trends • In depth knowledge of Red Hat Enterprise Linux and Microsoft Windows Server Operating platforms •Experience with Cloud methodologies (IaaS, PaaS, SaaS), automation, orchestration, cost frameworks, trends and industry-leading private/public/hybrid cloud vendor offerings and interoperability •Experience with Amazon Services such as AWS, S3, Elasic load balancing / Block / Relational Database •Experience architecting automated data center processes, including provisioning, application and patch management, monitoring and alerting, capacity monitoring and planning, leveraging execution and human approval workflow design and implementation •Experience with Business Continuity and Disaster Recover design, planning and implementation for virtualized infrastructures Experience (Preferred): •Experience with IBM Mainframe platforms including LPAR, IFL, zVM & zLinux •Experience with IBM P-Series platforms including LPAR, dynamic LPAR, Micro-Partitioning, Virtual I/O Server and Capacity on Demand •Experience with MS Windows (server and desktop), Solaris, Linux (RHEL & SLES), AIX Operating platforms •Experience with Web technologies including web services architectures and security •Experience with RDBMS technologies including Oracle RAC, Sybase, MS-SQL, DB2 •Experience with 10G & 40G network technologies and I/O Virtualization •Experience overhauling legacy applications to work with modern technologies Knowledge/Skills: •Possess a thorough understanding of the software implementation lifecycle (SILC) •Maintains current knowledge of security, technology and architecture marketplace •Advanced analytical skills •Advanced technical skills – both breadth and depth •Bachelor’s Degree (higher preferred) in a technical discipline or related experience preferred •Securities industry technical background preferred •Possesses a working knowledge of programming languages and software design methodologies (e.g., OOAD) •Excellent communications skills (written and verbal) •Excellent collaborative skills •Maintains current knowledge of marketplace changes, technology changes, and client businesses pertinent to cloud, server, storage and network virtualization •Possesses a comprehensive knowledge of the Process Architecture •Possesses a detailed understanding of Domain/Area/Team applications and their development throughout all phases of the lifecycle •Possesses in-depth knowledge of the business units that the Domain supports •Exemplifies leadership characteristics in support of DTCC corporate objectives •Demonstrates proficiencies in business case development, program management, issue resolution, and communication •Excellent analytical problem solving skills with a methodical approach to problem resolution across large scale distributed platforms •Strong knowledge of multi-tiered application environments, including their design, implementation and capacity/scaling challenges •Strong knowledge related to public/private/hybrid cloud solutions and market trends, PaaS, SaaS, storage and network optimization Education, Training or Certification: •Experience with Amazon’s EC2, VPC, and S3, Microsoft’s Azure, OpenStack and either the JBoss SOA stack •Knowledge of Cloud Management tools and methodologies •Advanced degree in a technical discipline preferred *Regards,* *Manju Shree* *Sr IT Recruiter* *IDC Technologies, Inc. 1851 McCarthy Boulevard, Suite 116,Milpitas, CA, USA, 95035* *Phone: 408-418-5779 ext 252 |Fax: 408-608-6088 | * *Email: **ma...@idctechnologies.com* <kara...@idctechnologies.com>*| Web: * *www.idctechnologies.com* <http://www.idctechnologies.com/> -- You received this message because you are subscribed to the Google Groups "SAP or Oracle Financials" group. To unsubscribe from this group and stop receiving emails from it, send an email to sap-or-oracle-financials+unsubscr...@googlegroups.com. To post to this group, send email to sap-or-oracle-financials@googlegroups.com. Visit this group at http://groups.google.com/group/sap-or-oracle-financials. For more options, visit https://groups.google.com/d/optout.
