POSITION SUMMARY:
The Senior Principal Cyber Security Architect is responsible for the design, implementation and support of the company’s cyber controls, threat monitoring and mitigation, as well as the evaluation and monitoring of cyber technology used to support corporate operations and product development. This position will also be responsible for the identification, documentation, and remediation of enterprise cyber security threats. This position will work collaboratively with the Network Security team and various software development teams to refine the current cyber security strategy and then help execute on that strategy.
DUTIES AND RESPONSIBILITIES:
• Design, build and implement enterprise-class security systems for a production environment.
• Serve as the lead technologist for Cyber Security, Risk and Compliance activities.
• Ensure cyber security standards, compliance frameworks and security measures are properly aligned with the overall business and technology strategy.
• Identify and communicate current and emerging security threats. Design security architecture elements to mitigate threats as they emerge.
• Create solutions that can successfully balance business requirements with the need to fulfill cyber security requirements.
• Identify security design gaps in existing and proposed architectures and recommend changes or enhancements.
• Use current programming languages and technologies to write code, complete programming, and perform testing and debugging of applications.
• Manage the vulnerability and threat identification lifecycle by performing vulnerability assessments and lightweight penetration testing.
• Develop mitigation strategies and approaches to improve the company’s posture against Cyber Security Risks while maintaining Information Technology compliance requirements.
• Assist in the execution of Red Team and Blue Team exercises.
EXPERIENCE AND QUALIFICATIONS:
• Master’s degree in Computer Science or related field, or relevant work experience.
• A minimum of 10 years working in highly available enterprise production environments.
• Extensive hands-on experience with cybersecurity infrastructure that includes the following:
o Network security and networking technologies and with system, security and monitoring tools;
o Firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering;
o Information Security frameworks such as NIST, SOC, ISO 27000, CIS, OWASP, etc.
• Experience with Red Team and Blue Team concepts and the tools used in threat detection and penetration testing.
• Experience in securing a hybridized AWS environment preferred.
• Experience doing external penetration testing preferred.
• One or more of the following certifications are preferred, but not required:
o CISSP – Certified Information Systems Security Professional
o SSCP – Systems Security Certified Practitioner
o OSCP – Offensive Security Certified Professional
o CEH – Certified Ethical Hacker
o GSEC – GIAC Security Essentials Certification
o CCSK – Certificate of Cloud Security Knowledge
KNOWLEDGE, SKILLS AND ABILITIES:
• Thorough understanding of the MITRE cyber kill chain
• Advanced knowledge of IT Risk Management and Compliance management theory/practices, laws and auditing principles.
• Expert knowledge of security testing tools and technologies such as Kali Linux (or comparable), Tenable, AppScan, OWASP ZAP, and BurpSuite.
• Thorough understanding of infrastructure security technologies such as IDS/IPS, DLP, SIEM, OSINT, and xDR solutions.
• Thorough understanding of web related technologies (Web applications, Web Services, Service Oriented Architectures) and network/web related technologies and how to protect them.
• Understanding of how to protect Active Directory, Microsoft operating systems and Linux.
• Ability to use coding and scripting to solve security challenges and automate controls. (preferred)
• Familiarity with Digital Forensics and Incident Response (preferred)
• Expert technical understanding of the following cyber security concepts:
o Advanced Persistent Threats (APTs) and how to protect against them.
o Cyber threat intelligence
o Identity Access Management (IAM) technologies, solutions, and approaches.
o Application security testing and remediation strategies.
• Excellent communication skills with the ability to organize, present, and articulate ideas both verbally and in writing.
• Ability to work independently, as an effective team member and with all levels of the organization.
• Demonstrated critical thinking and analytical skills, as well as the ability to handle complex situations and demonstrate sound judgment and problem-solving.
• Ability to work flexible hours when needed, including outside normal business hours.
• Ability to be on call 24 hours a day, 7 days a week, with short notice to respond to occasional emergencies.
PHYSICAL DEMANDS:
While performing the duties of this job, the individual is frequently required to sit and stand for long periods. The individual is occasionally required to walk; use hands and fingers to operate, handle, or feel objects, tools, or controls; reach with hands and arms; and move or lift up to 25 pounds.
WORK ENVIRONMENT:
This position is performed in a traditional office environment, with some travel between local office sites.