Overview
Skills
Job Details
Duration: 6month contract to hire
Locations: Irvine, CA |Scottsdale, AZ | Nevada | Albuquerque, NM (Hybrid)
Note: Need to go onsite for the final round interview.
Additional Notes:
Not looking for candidates with heavy leadership experience. Candidates that at most have manager level experience will do well, but anything at the Director and up positions may not be a fit as this is a contributor role on a team.
Need experience working in a cybersecurity department Current CISSP cert is required
Customer is not wanting a very tool-focused individual. Having a leading vendor in his job titles for the last couple of roles could be a red flag for the customer.
SME needs to see examples on their resume of secure architectures that they have actively configured, not just advised on compliance for.
What You ll Be Doing: Security Architecture
Gain understanding of current state and target state architectures, then work to define a strategy for technical direction around security.
Architect, design, implement, maintain, and operates information system security controls and countermeasures.
Leads the planning, design, documentation, and engineering of security and compliance solutions across the enterprise.
Defines, develops, documents, and implements new security components and integrations.
Provides techniques and patterns for securing integration with external vendors or cloud providers.
Subject matter expert/contributor measurably improving the overall security framework and program.
Leads regular design reviews for requirements implementation.
Security Administration
Evaluates and plays an active role in life-cycle management of multiple technologies designed to protect information.
Create and maintain process and or procedures for security technologies.
Prepare periodical reports on risk analysis reviews, security compliance reviews, and security incidents, etc.
Incident Response
Lead incident response team activities.
Monitor for new security threats and makes recommendations for additional controls.
Identify security risks to the organization and recommend corrective actions.
Provide oversight of complex security incidents and escalations, performing advanced analysis and troubleshooting, and resolving incidents.
The Ideal Candidate: Education:
Bachelor of Science Degree in Systems Engineering, Electrical Engineering, Computer Sciences, Computer Engineering, Information Security, or other related engineering degree, or equivalent experience.
Experience:
Industry recognized security certifications; CISSP: Certified Information Systems Security Professional (MUST), CISM: Certified Information Security Manager, GIAC: SANS Global Information Assurance Certification, vendor certifications such as Azure Security Engineer (AZ500), etc
10+ years experience in an Information Technology role, with 5+ years specific to an Information or Cybersecurity role that include expertise in design, development, and deployment of complex highly available, and secure, integration solutions.
API Security and Key Management: Expertise in securely storing and managing API keys using tools such as Key Vaults or similar secrets management solutions.
Infrastructure and API Integration: Understanding of the end-to-end architecture and flow between network and security components (e.g., Firewall, Load Balancer, API Management) and how they interact with API endpoints to ensure secure and reliable communication
Specialized Skills:
Exceptional knowledge and understanding on the creation/implementation and securing of cloud technologies such Azure/AWS/Google Cloud Platform, as well as traditional on-premise secure networks, firewalls and intrusion-detection/prevention systems.
Advanced knowledge regarding common attacks, attack methods, and defense architectures.
Expert level experience in four or more of the following Security Technologies:
o Cloud Technology Platforms, AZURE, IaaS, PaaS, SaaS
o Network Intrusion Prevention/Detection (IPS/IDS)
o Security Information and Event Management (SIEM)
o Virtual Private Networks; SSL, IPSec and Site-to-Site
o Public Key Infrastructure (PKI)
o Network Access Controls (NAC)
o Next-Gen enterprise class firewalls
o Encryption technologies
o Vulnerability scanning tools
o Application scanning tools
Extensive ability to estimate, plan, lead and execute complex technical projects while working independently and/or in a team. Undertaking and completing project tasks on schedule with minimal to no supervision.
Outstanding interpersonal skills, effective communication with internal and external personnel at peer and executive management levels.
Highly adept in interfacing with developers, engineering, and customers.
Experience with Information Security policy and procedure development and implementation.
Knowledge of Information Security risk assessment methodologies and standards.
Experience developing technical documentation, including reports, proposals, statements of work, and whitepapers.