Overview
On Site
$150000.00 - $180000.00 per annum
Full Time
Skills
Enterprise Security Architect
Job Details
Job Summary:
- Develop and maintain an enterprise-wide security architecture strategy aligned with business goals and objectives.
- Evaluate and recommend new security technologies and tools to enhance the overall security posture. Stay current on emerging information security technologies and industry best practices.
- Collaborate with executive leadership to ensure alignment of security initiatives with overall business goals.
- Understand complex attacks, leverage threat intelligence, and employ analytics to enhance the enterprise security posture
- Understand the landscape of threats, their sources, methods employed and potential targets
- Utilize threat intelligence to predict, detect and counteract threats before they compromise a system
- Conduct risk assessments to identify and prioritize potential security vulnerabilities, threats, and risks.
- Collaborate with other departments to analyze and assess the impact of security threats and vulnerabilities.
- Develop risk mitigation strategies and implement security controls. Ensure that risk management practices align with industry best practices and compliance requirements.
- Ensure compliance with relevant laws, regulations, and industry standards. Participate in audits and regulatory assessments.
- Establish, maintain, and audit cyber security guidelines, standards, policies and procedures.
- Coordinate with other IT and business units to integrate security into daily operations.
- Ensure compliance with industry regulations and standards (e.g., GDPR, HIPAA, ISO 27001).
- Provide guidance on security best practices to ensure compliance to standards and best practices.
- Lead and contribute to security awareness programs to educate employees about security policies and best practices.
- Mentor and train on security best practices to insure a focus on security across the enterprise.
- Collaborate with training teams to develop and deliver security training programs.
- Develop and maintain an incident response plan.
- Coordinate and participate in security incident response activities.
- Conduct post-incident assessments to improve incident response capabilities.
- Work closely with other IT teams, such as network, infrastructure, and application development, to integrate security into their processes.
- Collaborate with external vendors and partners to ensure security requirements are met.
Qualifications:
- Bachelor's degree, or relevant work experience required in Information Security, Cybersecurity, Computer Science, or a related field. Master's degree preferred.
- 5 or more years of cyber or information security experience, with a focus on security architecture within complex, diverse enterprise environments required.
- 4 or more years of experience in software development, infrastructure engineering, technical architecture, or similar discipline required. 5 to 9 years preferred
- Strong working knowledge of firewalls, VPN, routers, servers, zero-trust technology, WAF, API Gateways and IDS/IPS, network access controls, DevSecOps, and network segmentation required.
- Strong leadership and influence skills
- Must be able to present to all levels of management & executive leadership, and communicate effectively to technical and non-technical individuals
- Knowledge of and experience applying cryptography, encryption, public infrastructures (PKIs), including digital signatures and certification authorities (CA), required
- Must be experienced with multiple platforms, including Windows, UNIX, and Linux, containers, VMs, hybrid cloud/on premise/cloud (AWS, Azure, Google Cloud Platform) environments, and end user/mobile devices (Windows, IOS, Android)
- Experience with authentication technologies - multi-factor authentication, SAML, OIDC, tokens, IAM/IGA, PAM preferred
- Security related certifications, such as - CISSP, CEH, CISM, CRTSA, CRISC, CISSP-ISSAP, CSSA, AWS Certified Security or Microsoft Certified: Azure Security Engineer Associate preferred.
- Outstanding influencing and consensus building skills
- Ability to conduct technological analyses and research
- Leadership, mentoring, coaching and role model skills
- Strong communication, teamwork and collaboration skills required to evangelize technology subjects across all levels of the organization
- Seasoned in managing tradeoffs and risks, adapting to change & uncertainty and making recommendations with imperfect information
- Exceptional analytical and critical thinking skills
- Strategic thinking and time management skills
- Must be able to comply with all company policies, rules, procedures and Code of Conduct
- Must be able to interact well with others
- Must be able to work independently, or in a team setting
- Must be capable of working under tight time constraints in a high volume environment with multiple priorities
- Responds well to questions; Ability to read, interpret and comply with written information and documents such as safety rules, operations / procedure manuals and maintenance instructions with a high comprehension and concentration level to include the ability to meet deadlines
- Must pass a pre-employment drug screen, random drug and/or alcohol tests, and will be subject to a criminal history background check
- Must be authorized to work in the United States