Required Knowledge, Skills, and Abilities:
- Basic understanding of HITRUST framework
- Broad knowledge of information security processes and technologies such as: business process design, risk assessment, minimum baseline security controls (*nix, Windows, network protocols, common services), data classification and management, security monitoring and log analysis, incident management, , application and database architectures, SDLC, system planning and integration, and security metrics
- Advanced knowledge of technologies such as operating systems, directory services and network protocols
- Basic knowledge of database applications, spread sheet design, and report writing software
- Advanced written and verbal communications skills
- Ability to facilitate the development and application of architecture artifacts between product and engineering teams and customers
- Effective communication skills, both verbal and written, including the ability to communicate appropriately across all levels of an organization
- Advanced knowledge of business to business (B2B) and business to consumer (B2C) product lifecycle management and technology road-mapping processes
- Knowledge of multiple delivery methodologies, product operating models, and SaaS product deployment environments
- Intermediate skills in cloud security architecture and standard cloud security configurations and controls
- Ability to accomplish service goals, objectives and metrics consistent with Information Security Department strategic plans and business service level agreements
- Ability to resolve business security conflicts taking into consideration policy, risk and business needs
- Ability to perform trade-off and risk analysis and, if necessary, process and manage exceptions to achieve business needs
- Advanced knowledge of network security and principals
- Advanced knowledge of PKI, TLS/SSL, and basic cryptography principals
- Advanced knowledge of Identity and Access Management principals and Privileged Access Management, including SAML2, OpenID Connect, and OAuth2
- Basic knowledge of automation and scripting
Experience:
- 5 - 8 years of experience in enterprise security architecture role
- 10 years of IT infrastructure architecture and/or operations experience
- 4 years of experience in Large Scale System design (ERP, Custom, etc) and implementation
- 3 years of experience with commercial and open source security applications and technologies (e.g. malware prevention, DLP, IDS/IDP, cryptography, vulnerability scanning and penetration testing), as well as related protocols and tools (e.g. SSH, SSL/TLS, snort, port scanners, rootkit detectors, etc.)
- 3 years of experience performing network and application security penetration testing and/or threat assessments
- 3 years of experience architecting solutions in a cloud environment
Required Certification:
Benefits Overview
At NASCO, we trust our workforce to be fully remote, working from their home. This benefit offers significant, personalized outcomes for each associate including work/life balance, savings on commuting, work clothing, and increased time to spend on personal activities.
Our full benefit package is designed to support the physical, mental, and financial health of our associates. We offer:
Physical and Mental Health Benefits
- Choice of Blue Cross Blue Shield Medical, Dental, and Vision Plans
- Telehealthcare – for Medical and Behavioral visits
- Generous PTO with buy/sell options
- 9 Company holidays, a floating day off, and a day off for volunteering
- Employee Assistance Program
- Wellness program - earn insurance discounts or credit towards health-related items
Financial Health Benefits
- 401K Plan with employer matching contributions
- Company-funded spending/reimbursement accounts to help with out-of-pocket medical expenses
- Bonus and Recognition programs
- Tuition Assistance
- Consultation with financial planner
- Basic Life & AD&D Insurance, Short and Long-Term Disability Insurance provided, and Supplemental Term Life Insurance is available
- Group Discount programs - mobile, technology services, etc., to help you save money
Other Benefits
- E-Learning – Comprehensive and current library of e-learning and performance support assets, available on demand and at no cost
NASCO is an Equal Opportunity Employer/veterans/disability/race/color/religion/sex/sexual orientation/gender identity/national origin. Must have legal authority to work in the US.
We will not accept applicants that use AI when answering the screening questions. Applicants who use AI to answer any questions or to complete their application will not be considered for employment.