Information Technology Security Architect

*****NO THIRDS PLEASE***********LOCAL HOUSTON AREA CANDIDATES PLEASE*****This is an excellent opportunity to join a very stable Healthcare related organization located near Westpark Tollway/Beltway 8 in Houston. This opportunity is providing a long-term future.The company is seeking someone who is truly passionate about IT Security.POSITION TITLE: IT Security ArchitectLOCATION: Houston, TXREPORTS TO: VP of IT/CIO SALARY Range: $140K-$165K base range plus bonus and great benefits POSITION SUMMARY: The IT Security Architect plays an integral role in defining and assessing the company’s security strategy, architecture and practices. The IT Security Architect will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.The role of the IT Security Architect demands business insight, technical acuity and the ability to think and communicate (verbal and written) focusing on different audiences throughout the organization (technical and non-technical). This individual must possess both project supervision skills and in-depth technical ability to architect, engineer and operate security processes, solutions and tools.This is an expert/hands-on role that requires the ability to work in an enterprise environment, where system availability is critical, and the ability to interact across IT, operations and business owners to define security requirements. This role is required to keep up to date on security policy, standards and procedures and to ensure they are consistently followed.ESSENTIAL DUTIES/RESPONSIBILITIES:Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers, both within traditional IT and Operational TechnologiesDevelop security strategy plans and roadmaps based on sound enterprise architecture practicesDevelop and maintain security architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operationsParticipate in Security Incident Response and escalated troubleshooting eventsAbility to get “hands-on” with the organizations’ security tools, when neededTrack developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifactsParticipate in application, infrastructure and OT projects to provide security-planning adviceDetermine baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, and identity and access management (IAM)Help develop the organization’s data classification criteriaDevelop standards and practices for data encryption and tokenization in the organization, based on the organization's data classification criteriaConduct or facilitate threat modeling of services and applications that tie to the risk and data associated with the service or applicationEnsure a complete, accurate and valid inventory of all systems, infrastructure and applications that should be logged by the security information and event management (SIEM) or log management toolEstablish a taxonomy of indicators of compromise (IOCs) and share this detail with other security colleagues, including the security operations center (SOC), information security engineers and analysts, as well as other counterparts within ITValidate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicableValidate security configurations and access to security infrastructure tools, including firewalls, IPSs, WAFs and anti-malware/endpoint protection systemsReview network segmentation to ensure least privilege for network accessLiaise with the Information Security Compliance and Internal Audit teams to review and evaluate the design and operational effectiveness of security-related controlsReview security technologies, tools and services, and make recommendations to the broader security team for their use, based on security, financial and operational metricsCoordinate with operational and facility management teams to assess the security of operational technology (OT) and Internet of Things (IoT) systems JOB QUALIFICATIONS: Education: BS in Computer Science, Information Systems Information Security preferred (but not necessary) or equivalent required.Professional Certifications: CISSP, other Security certifications a plusAt least 3-5 years of experience architecting enterprise security solutions.At least 7-10 years of experience with security incident response, including resolving and documenting complex security issues including root cause analysis, prevention and workaroundsDocumented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services.