Security Architect

Security Architect

Loc: NYC, NY---hybrid work

Duration: Long term contract(24+ months)

JOB DUTIES AND RESPONSIBILITIES:

Security Architect to fortify an organization's defenses against evolving cyber threats, ensuring robust protection across all facets of the IT environment.

Role Responsibilities:

• Active Directory and Entra ID Security Enhancements

• Tiered Administrative Model: Implement a tiered model to segregate administrative privileges, reducing the risk of lateral movement.
• Privileged Access Management (PAM): Utilize PAM solutions to control, monitor, and audit privileged accounts, ensuring that users have only the access necessary for their roles.
• Kerberos Hardening: Regularly monitor for anomalies in Kerberos ticketing to detect and prevent unauthorized access.
• Regular Auditing: Conduct periodic audits of AD configurations and permissions to identify and remediate potential vulnerabilities.
• Risk Assessment Review: Review the risk assessment reports and assist in mitigating them.

Vulnerability Management Across Windows and Linux

• Automated Patching: Assist in deploying automated tools to ensure timely patching of known vulnerabilities across all systems.
• Configuration Management: Review and implement configuration management tools to enforce security baselines and detect unauthorized changes.
• SIEM Utilization: Review and utilize Security Information and Event Management (SIEM) systems to continuously monitor for signs of compromise.
• Regular Security Assessments: Conduct periodic security assessments and code reviews to identify and remediate vulnerabilities.

Modernize Certificate Lifecycle Management

• Lifecycle Tools: Implement tools to manage the issuance, renewal, and revocation of digital certificates.
• MFA Integration: Leverage PKI to enhance MFA solutions, providing stronger authentication mechanisms.
• PKI Audits: Audit PKI components to ensure compliance with security policies and standards.

Endpoint Detection and Response (EDR)

• Behavioral Analysis: Utilize EDR tools that employ behavioral analytics to identify anomalous activities indicative of threats.
• SIEM Integration: Ensure EDR solutions feed data into SIEM systems for centralized analysis and response coordination.
• Automated Response: Implement automated response capabilities to contain threats swiftly upon detection.

Requirements and Experience:

• B.S. required
• U.S. citizenship required
• Strategic Thinking Ability to align security architecture with business goals, anticipating future risks and designing scalable solutions.
• Leadership Skilled at driving consensus across DAS and ITB diverse teams and guiding stakeholders toward secure design decisions.
• Communication Capable of translating complex security concepts into clear, actionable insights for executives, engineers, and business leaders.
• Experience working in a team environment