• net2source
  • $76,265.00 -187,860.00/year*
  • Ravena , NY
  • Information Technology
  • Full-Time
  • 298 Fares Rd

Position Title: Architect, IT Security
_____________________________________________________________________________________________
Position Summary
The Architect develops, documents, and disseminates information security architectural standards across all of JetBlue's Information Technology groups. The Architect provides direction to project teams on building the appropriate information security controls into systems in development. The Architect provides direction to system engineers on improving and maintaining the appropriate information security controls for production systems. The Architect is responsible for driving the implementation and adoption of key information security tools.

Essential Responsibilities
Ensures that information security policies, multi-year strategies, standards, procedures, and best practices are developed and communicated with JetBlue's IT Leadership
Develop and execute data security architecture framework
Define and research information security standards; vulnerability analyses and risk assessments; reviewing architecture platforms, applications and integration issues.
Participates in Project Management activities to manage IT Security programs and initiatives;
Participate on the IT Architectural Review Board to drive overall technology direction for JetBlue.
Participates in the development and delivery of a comprehensive information security training program that provides the appropriate training for all crewmembers.
Works with internal and external Auditors to assess compliance with policies, standards, procedures, and best practices.
Review and evaluate firewall change requests.

Minimum Experience and Qualifications
Four (4) years information technology experience.
Four (4) years information security experience.
Experience delivering comprehensive architecture specifications
Experience providing data protection and web application firewalls
Must be able to work in a team environment as a productive and cordial team player
Must be able to multi-task and prioritize in a fast paced multi-team environment
Ability to present to a variety of audiences Ability to work to deadlines with quick turnaround
Ability to handle confidential information with professionalism and diplomacy

Preferred Experience and Qualifications
Knowledge of Information security principles.
Understands the concepts of and techniques for secure programming.
Knowledge of security vulnerabilities/weaknesses - fundamental causes of vulnerabilities through which most attacks are exploited.
Able to recognize and categorize the most common types of vulnerabilities and associated attacks.
Familiarity of network Protocols including IP, TCP, UDP, ICMP, ARP, RARP, TFTP, FTP, HTTP, HTTPS, SNMP, and SMTP. Understand how these protocols work, what they are used for, the differences between them, some of the common weaknesses, etc.
Understanding of information security risk analysis.
Knowledge of network applications and services expertise in the purpose of the application or service, how it works, common usage, secure configurations, and the common types of threats or attacks against the application or service, as well as mitigation strategies.
Host/System Security Issues expertise in security issues at a host level for the various types of operating systems (Windows and UNIX). Experience in using the operating system (user security issues) and some familiarity in managing and maintaining the operating system as an administrator.
Malicious Code (Viruses, Worms, Trojan Horse programs) expertise in not only how malicious code is propagated through some of the obvious methods (disks, email, programs, etc.) but also how it can propagate through other means such as PostScript, Word macros, MIME, peer-to-peer file sharing, or boot-sector viruses.
Understanding/Identifying Intruder Techniques - must be able to recognize known intrusion techniques based on the footprints or artifacts left by different types of attack in the incident reports. Know the appropriate methods to protect against these known attack techniques and the risks associated with the attacks. Analysis of and correlation between incidents to notice what has not been seen before.


Associated topics: cybersecurity, identity, identity access management, information assurance, malicious, phish, security, security engineer, security officer, vulnerability

* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.

Launch your career - Upload your resume now!


Loading some great jobs for you...