Cyber Security Technical Architect

Security Architecture

• Develop security architecture and guiding principles to support information technology initiatives with a focus on cloud.

• Oversee and drive the design and implementation of security architecture controls in support of compliance requirements.

• Support security architecture and guiding principles and apply to information technology initiatives.

• Deliver technical guidance related to enhancing the security posture of information systems solutions.

• Assist the design and implementation of security architecture controls to meet compliance requirements.

Multi Cloud Security

• Design and develop public cloud specific security policies, standards and procedures

• Identity and Access Management (SSO, SAML), Firewall Management, Encryption Key Management, Security Incident and Event Management (SIEM), etc., in partnership with Enterprise Architecture, Infrastructure, DevOps and Application Development teams.

• Identify and validate security controls for cloud services.

• Analyze threats and current security controls to identify gaps in current defensive posture.

• Design security controls for multi-tier business solutions including the design of application-level access and entitlement management, data tenancy and isolation, encryption, and logging.

• Researches and creates a comprehensive strategy for cloud-native security (i.e., data classification and categorization; data segmentation; server access control; resources-based access control and access control lists; user identity access management and attestation; data-at-rest encryption; data-in-transit encryption; encryption key management, logging, auditing, and anomaly detection; and role-based access control).

• Assists in the integration of development pipelines with secure configuration parameters to remove or reduce known threat vectors and vulnerabilities in infrastructure-as-code (IaC) and continuous integration/continuous delivery (CI/CD) build configurations and release automation.

IAM

• Develop IAM technology roadmaps in support of customer vision and strategy.

• Drive Zero Trust Architecture principles and Passwordless design.

• Develop proof-of-concept prototypes and initial implementation models.

• Monitor implementation activity to ensure architecture and design principles are upheld.

• Ensure implementation solutions support architecture objectives (e.g., availability, scalability, performance, security, etc.), as appropriate.

Vulnerability Management

• Vulnerability Assessment: Identify and evaluate security vulnerabilities in current and future products, assess their severity, and propose mitigation strategies.

Network Security

• Develop and maintain network security strategy, aligning it with business goals and compliance requirements.

• Design and implement network security architecture, including firewalls, intrusion detection/prevention systems, VPNs and other security technologies.

• Research, evaluate, and recommend security solutions, products, and technologies that can enhance the network's security posture.

• Partner and conduct security audits and penetration tests to assess the network's security and identify vulnerabilities.

Threat Detection

• SOC

• Provide technical leadership for the information security detection, response & analysis function.

• Design and implement a comprehensive SOC strategy, ensuring alignment with business objectives and the optimal use of SIEM.

• Evaluation of capabilities of security te chnologies like SIEM, firewalls, IDS/IPS, EDR, and more focused upon optimizing threat detection and response.

• Drive strategic recommendations and identify delivery gaps based upon emerging threats.

Qualifications:

• 10+ years of experience in related fields

• Experience working in three or more domains listed above

• Preferred domains: Cyber Security Architecture, Identity and Access Management, and Cloud Security

• CISSP Certification preferred

• Strong communications, writing, and presentation skills

• Must be open to travel up to 20%

#LI-AK1