Anveta, Inc · 1 day ago
Information Security Architect-NIST, ISO 27001 and DFAR
The Woodlands, TX
Contract
Hybrid
Senior Level
$70/hr - $80/hr
7+ years expAnveta Inc is seeking an experienced Information Security Architect to lead the design, implementation, and ongoing management of enterprise security governance frameworks and control environments. The role involves establishing and operationalizing security frameworks including ISO/IEC 27001 and NIST CSF, while collaborating cross-functionally to embed security principles across the organization.
ConsultingOutsourcingStaffing Agency
Responsibilities
Lead the design, implementation, and continuous improvement of information security frameworks aligned to ISO 27001/27002 and NIST CSF
Develop and maintain enterprise security policies, standards, procedures, and control documentation
Translate framework requirements into actionable technical and operational controls across cloud, infrastructure, and application environments
Conduct security risk assessments, gap analyses, and maturity assessments to identify remediation priorities
Design and manage control libraries, control mapping, and evidence collection processes for audits and certifications
Support ISO 27001 certification efforts, internal audits, and external regulatory assessments
Partner with IT, cloud, DevOps, and business teams to integrate security requirements into system architecture and project lifecycles
Establish metrics, KPIs, and dashboards to measure control effectiveness and security posture
Lead third-party/vendor risk assessments and security reviews
Provide guidance on security best practices for AWS/Azure environments, data protection, identity management, and incident response
Support incident response planning, business continuity, and disaster recovery alignment with security controls
Educate stakeholders on governance, risk, and compliance requirements and promote a culture of security awareness
Qualification
Required
7–10+ years of experience in Information Security, Cybersecurity, or IT Risk & Compliance
Hands-on experience implementing ISO 27001/27002 controls and leading certification or audit readiness programs
Strong knowledge of NIST Cybersecurity Framework and control mapping methodologies
Experience designing enterprise security architectures and control frameworks
Experience conducting risk assessments and developing remediation plans
Working knowledge of cloud security principles (AWS and/or Azure)
Strong documentation, policy writing, and stakeholder communication skills
Ability to work with both technical and executive audiences
Preferred
Experience in regulated industries such as Energy, Utilities, Oil & Gas, or Manufacturing
Familiarity with SOC 2, CIS Controls, or other compliance frameworks
Experience with GRC tools (ServiceNow GRC, Archer, OneTrust, etc.)
Security certifications such as CISSP, CISM, CRISC, ISO 27001 Lead Implementer or Lead Auditor
Experience supporting cloud migrations or digital transformation initiatives
Benefits
Parking Included Free
Company
Anveta, Inc
Founded in 2008, Anveta, Inc is a fast-growing Information Technology, Consulting & Staff Augmentation service provider with vast experience in designing, developing, and implementing mission-critical solutions, whether in Strategy Consulting, Technology Integration, Fixed Bid projects or Staff Augmentation.
51-200 employees
H1B Sponsorship
Anveta, Inc has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (38)
2024 (9)
2023 (33)
2022 (41)
2021 (33)
2020 (74)
Funding
Current Stage
Growth StageCompany data provided by crunchbase