City of Orlango
City of Orlando
  Job Descriptions » main page »   
 
Job Title   Job Family   Job Code   Job Exempt
IT Security Architect   Non_Bargaining   ITSA01   Y
 
        Pay Grade   Pay Rate Type   Minimum   Midpoint   Maximum
        NB114   Salary   $37.88   $48.30   $58.72
 
Job Description
 
Performs technical and administrative work that focuses on designing and developing security architecture patterns that meet regulatory obligations and data protection requirements as well as align with the business and organizational security strategy. Works collaboratively with Information Technology (IT) staff to build security controls and solutions compliant with approved architecture frameworks and standards. Participates in new projects, analysis of new requirements from platform teams, and technical discussions. Suggests best practices in development and operations area including best security practices. Mentors and trains junior staff members on security protocols. Work is performed under limited supervision of the Information Security and Compliance Manager. Work is evaluated while in progress and upon completion through direct observation, discussion, review of established procedures, and achievement of desired results.

Minimum Qualifications:

Bachelor’s Degree in Computer Science, Engineering, or related field and five (5) years progressive IT experience, to include experience in security architecture; or an equivalent combination of education, training, and experience. CISSP, CISA, CISM, or other relevant security-related designation desired. CISSP-ISSAP certifications preferred.
 
Responsibilities
 
EXAMPLES OF WORK PERFORMED:

Note: The listed duties are only illustrative and are not intended to describe every function that may be performed by this job class. The omission of specific statements does not preclude management from assigning specific duties not listed if such duties are a logical assignment to the position.

Performs security assessments, identifies gaps in existing security architecture, and recommends changes or improvements.

Designs security architecture elements to mitigate threats.

Creates solutions that align enterprise security architecture frameworks and standards with overall business and security strategy.

Participates in risk assessments for new technologies and projects.

Employs secure configuration management processes.

Assists in developing a disaster recovery and business continuity plan. Identifies and prioritizes system functions required to promote continuity and availability of critical business processes so that, if there is a system failure, critical business functions are restored or recovered promptly.

Plans, implements, manages, monitors, and upgrades security measures for the protection of the organization's data, systems, and networks.

Tests and identifies network and system vulnerabilities.

Documents security requirements and controls for protecting information, systems, and technology assets.

Defines and documents how the implementation of a new technology impacts the security posture of the current environment.

Documents and updates, as necessary, all definition and architecture activities.

Provides input on security requirements to be included in request for proposals (RFPs), statements of work (SOWs), and other procurement documents.

Communicates current and emerging security threats to project team members.

Performs other duties as assigned.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 


KNOWLEDGE, SKILLS, AND ABILITIES:

Knowledge of computer networking concepts and protocols (e+g+TCP/IP, DNS) and network security methodologies.

Knowledge of network access, identity, and access management (e+g+ public key infrastructure, Oauth, OpenID, SAML, SPML).

Knowledge of capabilities and applications of network equipment including routers, switches, servers, transmission media, and related hardware.

Knowledge of remote access technology concepts.

Knowledge of application firewall concepts and functions (e+g+ single point of authentication enforcement, data anonymization, DLP scanning, SSL security).

Knowledge of risk management processes and experience in conducting risk assessments.

Knowledge of the application of privacy principles to organizational requirements.

Knowledge of identity and access management methods.

Knowledge of business continuity and disaster recovery operation plans.

Skilled in the application of cybersecurity designs for systems, networks, and multi-level security requirements or requirements for processing multiple classification levels of data.

Skilled in managing projects that drive business objectives.

Skilled in written, oral, and interpersonal communication.

Ability to identifying gaps in existing architectures.

Ability to design security architectures to mitigate threats.

Ability to work in team environments and to negotiate with multiple stakeholders.

Ability to meet tight deadlines and to prioritize tasks.


ADDITIONAL QUALIFICATIONS FOR PROMOTION: N/A.