Lead Security Architect – Director-level, Individual Contributor
Manulife
AWSAzureCloudCyber SecurityFirewallsKubernetesLinuxUnix
Security IT Business Analyst
Tek Spikes
contract
Posted on:
Location Type: Hybrid
Location: Quincy • Massachusetts • 🇺🇸 United States
Visit company websiteJob Level
Mid-LevelSenior
About the role
- Develop and maintain relevant security documentation including policies, standards, procedures, workflows, and process guides. Analyze existing security processes to identify gaps and risks for improvements
- Support security compliance and audit readiness by ensuring documentation is complete, accurate, and aligned with Commonwealth and federal standards
- Facilitate collaboration between the CISO’s Office, IT teams, agency stakeholders, and external partners
- Prepare reports, presentations, and dashboards to track security initiatives and communicate progress to both stakeholders and leadership
- Assist in the development of security training, documentation, and communications that will promote adoption of security policies and best practices
- Contribute to the planning, tracking, and monitoring of security projects and initiatives to ensure timely delivery and alignment with strategic objectives
- Manage and document risks, issues, and decisions related to security policy and process initiatives of the Client’s CISO’s Office
- Participate in security reviews, assessments, and capturing findings to ensuring documentation of remediation steps
- Serve as a resource for gathering, analyzing, and documenting requirements of security initiatives, tools, and processes
- Provide structured and clear documentation that can be used to support decision-making, audits responses, and operational changes
- Perform other related duties as assigned to support the mission of the Client’s CISO’s Office.
Requirements
- 5–8 years of experience in information technology, with at least 3 years in a business analyst, technical writer, or related role
- Strong understanding of information security concepts, frameworks, and best practices (e.g., NIST CSF, CIS Controls, ISO 27001)
- Experience developing, documenting, and maintaining IT/security policies, standards, and procedures Experience with Microsoft 365 suite, JIRA, or other collaboration/project tracking tools
- Experience facilitating requirements gathering sessions, interviews, and workshops with technical and business stakeholders
- Strong analytical and problem-solving skills, including the ability to identify process gaps and recommend improvements
- Ability to manage multiple assignments simultaneously and balancing competing priorities
- Capable of working independently and as part of a cross-functional team
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
information securitysecurity documentationsecurity policiessecurity standardssecurity proceduresNIST CSFCIS ControlsISO 27001requirements gatheringanalytical skills
Soft skills
problem-solvingcollaborationcommunicationtime managementindependencecross-functional teamworkstakeholder engagementpresentation skillsorganizational skillsadaptability
