---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Security Architect
Location: Santa Barbara, California, United States
Type: Permanent F/T
Closing Date: 2006-04-22
Position Overview:
Directly and through subordinates, responsible for overall design and delivery
of an integrated security regime to support the Bank’s technology suite.
Responsible for delivering, operating, and monitoring complex enterprise
security systems; knowledge of data modeling, encrypted storage, authentication
systems and access control, intrusion detection systems, internet and web
services activity control, anti-virus, secure file movement, email encryption,
firewalls, LDAP, Active Directory, eDirectory, proxy servers, server hardening,
penetration testing, operating systems and their vulnerabilities (Windows,
Unix, etc).
Core Responsibilities:
 Directly and through subordinates, defines and develops security
standards and methods for all current and future systems
 Provides technical direction and leadership for security including
conceptual architecture, requirements definition, project planning, spec
writing, test plan development, implementation, and analysis of results.
 Manages projects, develop standards, and communicate directly with
customers.
 Identifies emerging and existing security technology and analyze
feature and cost trade-offs.
 Engages in analysis and debate of security issues with internal staff
and external industry experts.
 Manage vendor teams developing and extending security specifications.
 Supports compliance testing by developing security interfaces, test
plans, and procedures.
 Develops relationships with vendors and customers to improve products.
 Ensures that appropriate Risk Management policies, procedures,
processes, and standards are incorporated into daily assignments and work flow
processes and is responsible for maintaining high levels of awareness as
related to the Banks Risk Management policy.
 Exercises managerial authority over assigned staff including
affirmative action, performance reviews, training, employee development, etc;
oversees assigned department budget process.
 Attends internal/external conferences, training, conventions,
meetings, etc. to develop professional expertise and maintain professional
contacts.
 Performs miscellaneous related duties, as required.
Risk/Compliance Responsibilities:
 Responsible for implementing and maintaining an effective control
environment that prevents losses, financial reporting errors, and regulatory
violations in accordance with all risk tolerances established by the Board of
Directors. An effective control environment will include Board-approved
policies, documented procedures, and sound internal controls.
 Expected to know and comply with the relevant portions of BANK’s
Anti-Money Laundering (AML) guidelines, and to comply with all other
appropriate banking laws and regulations by ensuring that departmental and bank
policies and procedures comply fully with such laws and regulations.
 Comply with departmental and Bank policies and procedures pertaining
to Operations, Business, Event, Catastrophic, and Non-Catastrophic Risks
throughout the Enterprise.
Anti-Money Laundering Initiative:
 Expected to know and comply with the relevant portions of BANK’s
Anti-Money Laundering (AML) guidelines, and to comply with all other
appropriate banking laws and regulations by following departmental and bank
policies and procedures.
 Know and comply with the relevant portions of BANK’s Anti-Money
Laundering (AML) guidelines.
 Attend AML 101 within 60 days of hire.
 Know and understand the relevant portions of the Bank Secrecy Act
(BSA), OFAC, the USA PATRIOT Act and BANK’s Anit-Money Laundering (AML)
guidelines.
 Implement and follow Enhanced Due Diligence (ED) and AML procedures
applicable to Programs Management.
 Authority Responsibilities for AML-related functions:
 Has the authority to identify suspicious activity and report such
activity to the manager.
 Has the authority to complete and file a PSAR report.
JOB REQUIREMENTS
---------------------------------------------------
Requisite Experience, Education, Abilities and Skills:
 Four-year degree in Computer Science or Information Systems or related
field plus 7 years hands on experience, or a combination of education, training
or experience to equal 10 years at a minimum, 15 is desirable.
 10 to 15 years hands on analytical experience with Broad and deep
knowledge of security architectures and technologies for IP based networks;
strong grasp of encryption and authentication protocols / algorithms, including
experience as project manager on IT development projects that required project
planning and management in a matrixed organizational structure.
 Excellent negotiation and consensus building skills.
 Superior attention to details.
 Able to work well with and communicate effectively with all levels
with the IT Organization.
 Able to quickly grasp the big picture, yet remained focused on
coordinating tasks at the detailed level.
 Working knowledge of the following security technologies: Encryption;
symmetric (DES, AES, RC4) and asymmetric (RSA); Ipsec; PKI; Digital
Certificates (X.509, PKIX); Transport Layer Security (TLS); Internet Key
Exchange (IKE and IKEv2); Kerberos; Public Key Cryptography for Initial
Authentication in Kerberos (PKINIT); Firewalls and Network Address Translation;
AAA; RADIUS, Diameter; Secure RTP (sRTP), and MIKEY.
 Knowledge of trends in technology relating to security architecture,
and infrastructure technologies for IP based networks; knowledge of physical
and architectural limitations for all devices.
 Familiar with all major IT operational, development and quality
control disciplines.
 Working knowledge of Microsoft office products including Outlook,
Excel, Access, and Project.
 Excellent oral and written communication skills (ability to explain
complex technical issues in simple terms)
 Excellent analytical and problem-solving skills: detail oriented.
 Excellent time management and organizational skills; ability to meet
deadlines.
 Ability to work within a team and independently.
CONTACT
---------------------------------------------------
Qualified candidates may email WORD copy of resume and phone number by which we
may speak directly.
Banking Industry
Sharon Van Gundy
President
svangundy@edrsb.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
