Security Architect

IT Yarmouth, Maine Plano, Texas


Description

The Security Architect is responsible for maturing the security posture of Tyler’s corporate cyber
infrastructure. They are responsible for oversight of Tyler’s enterprise compliance with applicable cybersecurity laws, regulations, industry frameworks, policies and standards. This is a key role in the
administration and enforcement of Tyler’s Enterprise Information Security Program, which helps to ensure the security and integrity of Tyler’s critical cyber infrastructure and assets.

Responsibilities

  • Consults with business and technical leadership to ensure that data, processes and technology are
    designed for data protection and compliance
  • Drive creation of information security policies and procedures and assist with the related security
    awareness programs to both end users and technical staff
  • Oversees the development, evaluation and implementation of governance and compliance and
    processes to mitigate cybersecurity risk and ensure protection of company assets and information
  • Standardize and streamline annual and ad-hoc information security audits and assessments in
    compliance with FedRAMP, CJIS, SSAE-18 SOC 1 and SOC2 and other requirements as necessary
  • Assist in the coordination of third parties to help complete the assessments when relevant
  • Assist in the monitoring and enforcement of compliance to security policies
  • Assist with contract and vendor management issues related to security requirements and projects
  • Researches and interprets current and pending laws and regulations, industry standards and client
    and vendor commitments to understand and communicate compliance requirements
  • Monitors investigations and documentation of information security compliance issues
  • Provide leadership and technology guidance to Tyler business units on security matters
  • Review architecture of products and infrastructure designs

Qualifications

  • Bachelor’s degree in Computer Science, Computer Engineering, Cybersecurity, MIS or equivalent or comparable experience
  • Requires 10+ years of progressively increasing responsibility in the areas of information security architecture, information security engineering, risk management or information technology.
  • Strong experience architecting secure distributed infrastructures for medium to large enterprises.
  • Experience with multiple operating systems, devices and databases including Windows Server, Active Directory, virtualization technology, network routing and switching, network segmentation, and use of enterprise class security platforms (F5 Networks, Gemalto, IDS/IPS, Anti-Virus, etc.) is required.
  • Understanding of complex local and wide-area networks that focus on the use of segmentation and protection across all layers of the OSI model.
  • Strong analytical and problem-solving skills.
  • Must have and maintain one or more Security Assurance certifications such as (ISC)2 CISSP, ISACA CISA, ISACA CISM or equivalent · Working knowledge of common information security and privacy frameworks, such as FedRAMP, CJIS, ISO 27001, PCI-DSS, SSAE 18 SOC 2, HIPAA, CCPA, etc.
  • Strong understanding of information security standards, concepts, controls, testing techniques and technical risk assessment.
  • Working knowledge of industry software security testing procedures such as the OWASP Top 10 that includes but not limited to thick client, web client, and API security testing.
  • Experience with enterprise architecture and working as part of a cross-functional team to implement solutions.
  • Excellent customer service, organizational, interpersonal and communication skills
  • Ability to prioritize and complete multiple tasks in a fast-paced, technical environment
  • Some travel (approximately 2-3 trips per year) may be required.
  • Required to undergo and satisfactorily pass a fingerprint background check in accordance with CJIS requirements.
  • The Security Architect must be able to:
    • Understand information security concepts such as Security Architecture and Design, Information Security Standards and Technical Security Risk Assessment
    • Translate security control language into natural human language to aid in speed and accuracy of implementation
    • Provide seamless integration to department and company resources
    • Perform process development, consolidation and optimization at an enterprise level
    • Independently gain knowledge on new and emerging trends.