Information Security Architect

Information Security Architect

Atlanta, GA Contract

The Information Security Architect performs threat analyses for complex technical designs and reports the results using standard templates. The Information Security Architect creates the initial Threat Modelling (with new applications/systems) or updates an existing Threat Modelling (with upgraded applications/systems). The Information Security Architect tracks critical and high findings and updates the respective changes in the Threat Modelling.

Given application or system descriptions, the Information Security Architect derives security requirements that will match the respective level of abstraction.

• Review Design and Report Issues
• The Information Security Architect reviews the design documents with respect to fulfillment of security requirements, common design errors, and already known design shortcomings (are they fixed or not).
• The Information Security Architect submits a written report that lists all shortcomings and suggestions on how to fix them.
• Review Implementation and Report Issues
• The Information Security Architect reviews the implementation with respect to fulfillment of security/design requirements, common implementation errors, and already known implementation shortcomings (e.g., from Code scan or Pen Testing, are they fixed or not).
• The Information Security Architect submits a written report that lists all shortcomings and suggestions on how to fix them.
• Review Project Security Planning and Report Issues
• The Information Security Architect reviews various project management documents with respect to plausibility of effort estimates for planned security tasks, plausibility of cost estimates for planned security tasks, overall plausibility of the timeline for security tasks, the overall progress of security, completeness of planned security tasks, security budget planning, ordering status of mandatory security services, and mandatory security-related tasks. The Information Security Architect submits a written report that lists all shortcomings, together with suggestions on how to fix them, and all possible risks to achieving project goals that relate to information security.
• Cyber Security Incident Management
• Responsible for end-to-end cyber security incident management process.
• Various Expert Consulting
• The Information Security Architect will answer explicit questions on various security-related subjects, e.g. on Information Classification, Security aspects of project management, Technical information security, Cryptography, Cloud Security, TPRM (Third-Party Risk Management), Vulnerability Review and Assessment, Dev Sec-ops, Security Tools, Audit Support (External and Internal).
• Technical Security Tasks
• Given the necessary input, the Information Security Architect will perform complex tasks with a specific, well-described result.

Assistant Manager | Syntricate Technologies Inc. Direct:

Email: ashuto | Web: