Connecting...

W1siziisimnvbxbpbgvkx3rozw1lx2fzc2v0cy9vbgl2zxitamftzxmvanbnl29mzmljzs1izy1pbwfnzs5qcgcixv0
W1siziisimnvbxbpbgvkx3rozw1lx2fzc2v0cy9vbgl2zxitamftzxmvanbnl29mzmljzs1izy1pbwfnzs5qcgcixv0

IT Security Architect

Job Title: IT Security Architect
Contract Type: Permanent
Location: Daytona Beach, Florida
Industry:
Salary: Negotiable
: ASAP
REF: A123_1596547820
Contact Name: James Thomas
Contact Email: James.Thomas@ojassociates.com
Job Published: about 2 months ago

Job Description

The Security Architect provides hands-on IT expertise for a varied set of security initiatives with the goal of increasing the security posture of the organization. This position within the Office of the CISO assists in defining the IT Security strategy, security roadmap and formulation of the security process relative to technology and cloud security architecture management in the areas. This position reports directly to the Information Security Enterprise Architecture Manager.

  • Model the enterprise architecture to map and communicate risk
  • Track technology architecture alignment with business criticality and value
  • Monitor application and technology lifecycle risk
  • Identify opportunities for application and technology rationalization
  • Participate in change review board
  • Review and update polices and evaluate exception requests
  • Evaluate plans and procedures for system resiliency, disaster recovery and business continuity
  • Develop security standards and reference models
  • Lead and support information security projects by researching, documenting, and implementing security solutions
  • Select, develop, and manage the implementation of systems, tools, and processes that will keep the firm at the leading edge of security which includes a continually evolving inventory of gaps to be mitigated and formulation of a proactive strategy to evaluate and implement mitigating technologies
  • Project team member and key player in the deployment of the firms MSSP
  • Work with our industry partners to communicate our approach to security and develop programs to establish typical industry security audit reports (SOC 2, etc.)
  • A strong security posture in direct interaction with (DevOps team) deployment orchestration, automation, and security configuration management
  • Assists in risk assessment and action plan to increase the security posture of the firm
  • Lead assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development, application security, data protection, cryptography, key management, identity and access management, network security) within SaaS, IaaS, PaaS in cloud environments
  • Continuously remain current on emerging security threats and technologies
  • Leverage firms' threat intelligence sources & partners to maintain an understanding of emerging security threats and advanced threat actor's capabilities
  • Support, maintain and enhance firm's Orchestration and Automation platform
  • Serve as the security subject-matter expert on technical questions and mentor junior analysts
  • Integrate threat intelligence feeds and sources with firm's security monitoring infrastructure
  • Design, develop and deploy automation playbooks for automated incident response investigations
  • Identify, procure and prototype new solutions designed to prevent, detect, and respond to threats
  • Track technology architecture, align with business criticality and value, evaluate resiliency, application and device rationalization and lifecycles, disaster recovery
  • Hands-on experience deploying & operating security technologies including devices, networks and systems that identify, prevent, detect, respond, and recover to/from security vulnerabilities and threats
  • Strong understanding of security architecture and operations concepts such as perimeter defense, BYOD management, data loss protection, insider threat, kill-chain analysis, risk assessment and security metrics
  • Working knowledge of a wide range of current network security technologies such as firewalls, proxies, network and host-based intrusion prevention, DLP, vulnerability assessment tools, security information/event management, endpoint security, anti-virus/anti-malware, etc.
  • Strong understanding of network protocols
  • Development/scripting experience: Python and/or PowerShell
  • Working knowledge of Information Security best practices
  • Desire to learn new technologies, share best practices, and contribute to the broader shared knowledge of a global infrastructure and security team
  • Ability to self-organize, prioritize activities independently, create documentation and reporting
  • Ability to lead and mentor staff
  • Ability to interface with business and technology stakeholders
  • Ability to manage stakeholder expectations in the delivery of projects
  • Actively collaborates and commits to success of others and pitches in when necessary to support team success
  • Thinks both tactically and strategically
  • Enables creative solutions by stimulating ideas through discussion and collaboration
  • Able to work on multiple activities at the same time, organizing and prioritizing as needed to accomplish goals
  • Manages uncertainty well - able to assess and act with good enough but imperfect or incomplete information
  • Strong written and oral communication skills with the ability to explain technical ideas to non-technical individuals at any level
  • Proven experience in Cyber Security Frameworks such as NIST CSF and associated security controls
  • Experience with Enterprise Architecture and IT service management systems

Required Skills

  • Microsoft Certified: Azure Security Engineer Associate
  • Demonstrated Microsoft cloud security architecture experienc
  • in Computer Science or Engineering or similar technical program or equivalent experience
  • At least one active security certification: CEH, OSCP, CPTE, CISM, CISSP or related other technology certifications
  • Proven experience in Cyber Security Frameworks such as NIST CSF and associated security controls