Security Architect

The Security Architect will report to the Director of IT Security Operations. The position provides security design, architecture, guidance, and support for our internal infrastructure and is responsible for the daily upkeep and monitoring of security systems including our firewalls, switches, multi-factor authentication systems and the overall environment within Pavlov Media.

This position will be responsible for championing best practices based on common ITSM constructs, NIST CSF and the ISO 27000 series security standards. This position should have as a minimum CompTIA Security+, and CISSP certifications.

Duties/Responsibilities:

As a member of the security team, you will present your technical expertise balanced with common sense. You will encourage the IT Operations team, internal customers, and Pavlov's clients to do "the right thing" based on data from the tools and processes that support the established policies and standards of our organization.

As our Security Architect, you are responsible for the overall security strategy for the platforms and initiatives within this organization. You will partner with Security Operations, Application teams, the NOC and across the infrastructure teams to define security standards and best practices. You will partner with Infrastructure leads to set prioritization and ensure adoption of these standards across different teams and guide technical solutions. The right candidate for this role is a Security Champion who has experience across Network, Datacenter infrastructure, cloud, application security and familiar with threat modeling, CIS, NIST CSF Standards and is able to influence and ensure its realization through direct and indirect influence.

Contributions to the security community, such as open-source tools, research papers, conference talks, etc. are a plus! You should be an expert in one or more domains and should always be seeking clarity in others. You must also demonstrate the ability to take broad strategy and find the paths to success for yourself and your more junior team members.

The main task of a security architect is to plan, design, optimize, implement, audit, and troubleshoot the network security system to improve the efficiency of the organization. The network security job is to protect the network from threats and bugs that could attack the system and from the existing dangers that may appear at any time day or night.

Responsibilities

• Define and maintain standards aligned to ensure NIST and CIS compliance.
• Engage in system design, engineering, and maintenance to provide technical security guidance across infra programs and initiatives.
• Develop and maintain security context in reference architecture and its prototypes.
• Identify and mitigate security issues, misconfigurations, and vulnerabilities related to cloud and corporate infrastructure and applications.
• Partner with security engineering, observability, and vulnerability management to define logging, alerting, patching, backup, and recovery capabilities and detect, prioritize, remediate issues and threats across infrastructure assets.
• Participate in thread modeling, security incident response, lead incidents, and perform post-incident reviews with engineering teams.
• Develop, evangelize, and monitor the adoption of best cloud security practices.
• Participate in tabletop and security preparedness exercises.
• Build positive relationships with peers across the company to evangelize a strong security culture.
• Partner with Enterprise Architecture and Security to recommend and guide investments to realize best in class security posture.

Skills/Competencies

• Minimum 10+ years of technology proven experience in infrastructure, cloud and security solutions.

• Hands-on experience designing and building scalable and resilient security environments in the cloud (AWS, Azure) AWS Preferred.
• Experience with technical and security architecture, database architecture, virtualization, software design, development, IP Networking, Linux, Agile, java, python, integration, collaboration technologies
• Build reports and dashboards for driving security outcomes.
• Experience with CI/CD pipeline for automated security testing.
• Hands-on experience in AWS Networking Firewall and Security modules
• Extensive knowledge of infrastructure as code (Terraform, CFT, CDK, etc.)
• Hands-on experience interacting with senior and executive leaders across business and technology.
• Familiarity with the principles of network and endpoint security, current threat, and attack trends, and have a working knowledge of security principles such as defense in depth.
• Ability to use the principles and practices of project management.
• Passion for new technologies and cloud trends.
• Degree in Computer science or comparable technical degree. Preferred CISSP, CompTIA Security+, CEH, CYSA+ and other security certifications

Skills/Competencies

• 7+ years previous proven hands-on experience in Information Security particularly in Windows, Linux, Network, and Cloud environments.
• 7+ years of proven hands-on experience developing, implementing, and maintaining security solutions in Fortigate Firewalls, Windows, Linux, AWS, and Azure environments.
• Proficiency in automation and scripting, such as C#, Python, PowerShell, Terraform or JavaScript.
• Experience leveraging CI/CD deployment methodologies and infrastructure as code.
• Ability to discuss Information Security concepts such as defense in depth and zero trust.
• Experience in at least one security domain such as Incident Response, Application Security, Infrastructure Security, Endpoint Security and Response, Detection Engineering, Network Security, Cloud Security, Cryptography, IAM, or Red/Blue or Purple Teams.
• Experience managing a ZTNA platform. Understanding of Zero Trust principles and implementation.
• Proficient in virtualization and container security.

Physical Requirements:

• Prolonged periods sitting at a desk and working on a computer.
• Must be able to lift up to 15 pounds at times.

About us:

Come join are rapidly growing team! Pavlov Media is a dynamic company that has been building great networks for over 30 years and has been named by The Silicon Review as one of the 50 Best Companies to watch! Headquartered in Champaign, Illinois, we're one of the nation's largest private providers of broadband services, serving communities in 44 US states.

We offer a competitive benefits package which includes:

• Medical/Dental/Vision Insurance on day one
• 3 weeks of PTO
• Paid holidays
• 401K with Company match
• Tuition/professional development reimbursement

#dice