This role will work with application developers, system engineers, and management to architect secure environments and mitigate risks within those environments. The candidate must work proactively beginning with planning stages, and apply a practical knowledge of best practices to the risks identified in the project.
This role may interact with both internal and external customers, and should be comfortable providing advice on security topics to clients. There also may be reporting duties, periodically providing updates and reports on security and architectural topics.
The candidate should be familiar with at least one ISMS framework (e.g. ISO 27000, NIST), and be able to write and interpret policy. The building and provision of metrics and risk analysis are considered critical to this role.