Security Architecture Assessment Analyst

NTT DATA Services strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.

We are currently seeking a Security Architecture Assessment Analyst to join our team in Halifax, Nova Scotia (CA-NS), Canada (CA).

Job Responsibilities Include:

  • Contacting system owners for assigned systems to gather relevant background material about the system/application and setting up interviews for information gathering.
  • Conducting remote/in-person interviews with system owners to get all the required information for assessment and to identify any gaps.
  • Reviewing system-related material including specifications, diagrams, requirements and test plans to ensure security-related standards are followed.
  • Reviewing results with system owners and Senior Security Architecture Analysts, as needed.
  • Conducting security assessments using available documentation.
  • Creating comprehensive security architecture assessment reports that clearly identify root-cause and remediation strategies.
  • Developing and establishing global security standards and processes.
  • Evaluating new and emerging products and technologies while making recommendations concerning the introduction of new technologies

Basic Qualifications:

  • At least 1 year of experience in Security Architecture Assessment.
  • Minimum of Bachelor’s degree (or equivalent) in Information Systems Security, computer science (major in computer security), Cybersecurity, or related field is required.
  • Minimum of one professional certification amongst CISSP, SSCP, and CISM with good standing will be an added advantage.

Preferred Skills:

  • Excellent verbal and written communications skills, including presentations to clients and senior technical resources.
  • Ability to manage expectations and handle high-pressure situations with tight deadlines.
  • Experience in an information security (application and/or infrastructure) role in an enterprise environment.
  • Ability to explain common application vulnerabilities and remediation strategies to developers.
  • Ability to explain technology risks; including XSS, CSRF, Injection attacks introduced by application vulnerabilities to a system’s Business Owner.
  • Ability to quickly adapt to changing priorities and demands.
  • Excellent security knowledge (access control) of one or more applicable security technologies or platforms including SSO (Single Sign On) technologies like SAML2.0 and Kerberos.
  • Excellent knowledge of information security processes, response procedures, and various attack methods used for information theft or network intrusion.
  • Excellent analytical and problem-solving skills.
  • Excellent knowledge of network technologies as they pertain to communications, computer system environments and related infrastructures.
  • Excellent research ability and knowledge update on the security trends and attacks, following OWASP top 10 security understanding.