Cyber Security Architect

28 Oct 2024

Vacancy expired!

The Cyber Security Architect position is a hybrid role combining key aspects of architecture and engineering. This position requires the selected candidate to possess business insight; technical acuity; and the ability to think, communicate and write at various levels of abstraction. This position contributes to improving our Information Security program, through formal Information Security architecture processes that deliver consistent, optimal and resilient solutions that satisfy the business requirements for security services. This position works on multiple projects as lead or as the subject matter expert and mentors more-junior technical staff. This position assists on, helps plan, and carries out security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks. This role works with the Sr. Security Architect and the Information Security & Compliance teams. This role also works closely with enterprise architect’s and other functional area architects to ensure adequate security solutions are in place throughout all IT systems and platforms to mitigate identified risks sufficiently across the following areas: Security infrastructure; program development and delivery Security governance, policies, standards, guidelines, and procedures Security infrastructure implementation, technology evaluation and solution recommendation Security management for all threat and vulnerability solutions and guidelines.

Primary Responsibility: Serves as a security expert in network design, database design, platform security (cloud, operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices -25% Assist with designing and developing security policies, standards, and procedures e.g., firewall management, SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption), user account management (SSO, SAML), and password/key management - 15% Evaluates third party products and services to verify that they meet security standards and will integrate seamlessly and securely into the IT computing architecture - 10% Ensures security architecture standards and solutions meet business objectives and regulatory compliance requirements - 10% Implements or assists with complex security architecture project tasks including providing requirements for designing and implementing components of the Information Security program - 10% Interfaces with external departments and vendors to provide expert level consultation concerning Information Security architectures and the implementation and integration with existing network environments, applications, and services - 10% Develops the business, information and technical artifacts that constitute the enterprise information security architecture and solutions - 5% Contributes to the alignment of security governance with Enterprise Architecture (EA) governance and project and portfolio management (PPM) - 5% Research, designs, and advocates new technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners and vendors - 5% Assists with the Threat Vulnerability Management Process - 5% Level of Formal Education: Bachelors or Relevant Work Experience Area of Study: Computer Science, Information Management, Security, Compliance or Relevant Work Experience Years of Experience: 8 - 10+ Type of Experience: Combined IT and security work experience, with a broad experience designing the secure deployment and monitoring of applications and infrastructure into public cloud services (e.g., AWS or Microsoft Azure) Knowledge of industry practices and technical systems, and the potential use of technology solutions in a business environment Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies Familiarity with agile development methodologies Special Certifications: Professional designation/certification, such as OSCP (Offensive Security Certified Professional), OSCE (Offensive Security Certified Professional), or equivalent is desired Language Skills: English Technical Competencies: Deep knowledge of web-related technologies (Web applications, Web Services, and Service-Oriented Architectures) and of network/web related protocols Experience assisting with designing and developing security policies, standards, and procedures e.g., firewall management, SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption), user account management (SSO, SAML), and password/key management Experience with a combination of the following: C or C/Java/Ruby/ASM/other languages, scripting languages (Bash, Perl, Python), web application testing/exploitation, database testing/exploitation or cloud instance testing/exploitation is preferred Knowledge of and experience with cloud architecture deployments across key security domains, including, but not limited to, Data Security, Network Security, and Identity & Access Mgmt. Experience designing the secure deployment and monitoring of applications and infrastructure into public cloud services (e.g., AWS or Microsoft Azure) Competencies: Proven ability to work and interact closely with senior management levels to determine their business needs and obtain support for initiatives Strong lead and organizational experience Strong security technical skills with the ability to synthesize relevant information and make key decisions Strong analytical skills to relate security requirements to appropriate security controls Excellent communication abilities and relationship building skills Written, verbal, and presentation skills with the ability to effectively interact with internal and external business partners Ability to think strategically Understanding of complex automated systems Information Systems: Familiarity with various technologies (Cloud SaaS, PaaS, IaaS, On Premise, package, custom, etc.)

CompuCom is committed to providing equal employment opportunities in all employment practices. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, citizenship status, marital status, age, disability, protected veteran status, sexual orientation or any other characteristic protected by law.