Cyber Security Architect

Position :: Senior Cyber Security Engineer

Location : Remote

Duration :: Long Term

The Senior Security Engineer works under minimal supervision and will perform information security tasks commensurate with their experience that ensure applications and projects meet defined quality standards.

Job Description:

Security Architect, within the Cyber & Information Security will work with the various assigned security teams:

• Identify the security requirements and approved patterns established/defined across the various security teams.
• Aggregate them into a unified, holistic security architecture with approved, standard patterns.
• Develop/assist with new security patterns, as required.
• Partner with the Enterprise Architect to ensure that the security architecture and patterns are incorporated into the enterprise architecture program.
• Assist with building security architecture framework and mapping of tools/ capabilities to controls and threat library.
• Evaluate external and internal threats for the organization.
• Maintain and update security tools and capabilities based on new threats and organization changes.
• Perform/assist with security architecture reviews for new emerging technologies, platforms and applications.
• Provide technical recommendations and improvement to mitigate and/or remediate the risks/ threats.

Responsibilities:

• Develops, reviews, edits, and provides recommendations for new and existing security architecture design artifacts such as reference and solution architectures along with framework mapping to NIST, CIS, ISO etc.
• Provides security architecture guidance to internal customers and security teams for larger and more significant engagements.
• Subject matter expert in at least one security domain such as IAM, Application Security and/or Data Protection in addition to Cloud Security
• Support development of security patterns
• Assist with development and documentation of security architecture framework and defining security requirements for emerging technology/ platforms and applications.
• Maintain and update inventory of security tools/capabilities and mapping to internal controls & threat library/ framework.
• Conduct and facilitate security reviews, threat modelling and design reviews through the development lifecycle.
• Develops and recommends security designs and frameworks for technology systems by defining process and architecture.
• Participates on projects and recommends secure solutions based on policies, standards and best practices.
• Provides Information Security subject matter expertise in various risk assessments.
• Ensuring the security of cloud-based data and applications against unauthorized access, theft, and other threats
• Provides subject matter expertise for customer-initiated reviews of business security practices.
• Work closely with other Solution/Enterprise Architects to align the security requirements and the solution design with the customers business drivers and demonstrate unique value.
• Performs other related duties as assigned.
• Participate in customer conversations to define the security requirements and overall technical architecture for data and related solutions.

Education/Experience Requirements:

• Bachelor s degree in Computer Science, Information Systems or related discipline with at least five (5) years of related experience, or equivalent training and/or work experience.
• Experience must include direct experience in several of the key areas listed: securing networks and systems architecture, design and implementation, secure software assurance, intrusion detection, defense and incident response, security configuration management, access controls design and implementation and security policy and standards development.
• In-depth knowledge of one or more communications protocols.
• Experience with more than one Cyber Security tools, including: Configuration Assessment, Log Aggregation, Integrity Verification, Web Application Security Testing, Network Access Control System, Network Intrusion prevention systems, and Endpoint Security Solutions.
• Strong written and verbal technical communication skills.
• Demonstrated ability to develop effective working relationships that improved the quality of work products.
• Should be well organized, thorough, and able to handle competing priorities.
• Ability to maintain focus and develop proficiency in new skills rapidly.
• Ability to work in a fast paced environment.

In-depth knowledge of more than one Information Security principle and discipline