Cybersecurity And Risk Architect - Security Clearance Preferred

Juniper Networks Herndon , VA 20171

Posted 7 months ago

Maintain responsibility for Cybersecurity risk identification, assessment, and evaluation of projects across the enterprise and work with project stakeholders to comprehend architecture, design, planned controls, and anticipated threats. Model the possible vulnerabilities and threats from an architectural level and determine the resulting risks, likelihoods, and impacts. Determine risk remediation, including compensating controls, work with projects to incorporate or reject controls in the design, determine residual risks, and interface between project, enterprise risk manager, and senior management for risk acceptance. Leverage knowledge of security threats, system, including application and infrastructure vulnerabilities, resulting risks, and compensating controls. Serve as a thought leader and communicate with peers and leadership regarding optimum architectural approaches that meet business requirements and managing security risk and maintaining compliance. Participate in process improvement activities, including standardizing threat actors and control catalogs. Leverage knowledge with three or more areas of Cyber defense capabilities, including Cyber threat intelligence, Cyber operations, vulnerability management, incident response, Cyber hunt, security analytics, attack surface reduction, penetration testing, and red teaming.

Basic Qualifications:

  • 7+ years of experience with leading project delivery teams with private sector clients as a technical consultant

  • 5+ years of experience with Cybersecurity consulting

  • JUNOS experience preferred

  • TS/SCI security clearance optional

  • Experience with information security program frameworks, including NIST CSF, DoE C2M2, ISO 27001/2, and COBIT

  • Experience with providing strategic direction for core enterprise infrastructure and security supported technologies, including data protection, such as DLP, tokenization, and encryption, perimeter protection, such as WAF and firewalls SIEMs, managed security services, and Cloud services security

  • Ability to drive definition and implementation of the security architecture standards

  • Ability to lead fast-paced delivery in challenging commercial environments, work with senior leaders to foster positive client relationships, identify new business opportunities with existing clients, and develop new intellectual capital

  • Ability to build strong relationships with technology vendors and develop mutually beneficial partnerships

  • BA or BS degree

Additional Qualifications:

  • Experience with multiple market verticals, including financial services, healthcare, energy, consumer products, and high tech

  • Experience with coaching and mentoring junior staff on functional expertise

  • Experience with an information security regulation or regulatory body, including PCI-DSS, HIPPA, SOX, or GLBA

  • Experience with Microsoft Office, including Outlook, Word, Excel, and PowerPoint

  • Knowledge of eGRC (Enterprise Governance Risk and Compliance) platforms

  • Knowledge of various risk management frameworks, including NIST 800-30

  • Ability to be a self-starter and thrive in a fast-paced consulting environment and to travel up to 75-100% of the time

  • Ability to synthesize and analyze multiple views and data sets

  • Possession of excellent analytical, problem solving, decision making, planning, organizing, interpersonal skills, comprehension, conflict resolution, teamwork, relationship building, and client facilitation skills

  • Possession of excellent oral and written communication skills

  • BA or BS degree in Information Security, IT, CS, or a related field preferred; MA or MS degree a plus

  • IS Certifications, including CISSP or CISM preferred

  • Project management Certifications, including PMP preferred

  • Travel - 50%

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Cyber Security Manager (Threat Detection)

Freddie Mac

Posted 1 week ago

VIEW JOBS 10/9/2019 12:00:00 AM 2020-01-07T00:00 As a Cyber Security Manager, you will help in fulfilling Information Security department's vision of reducing information risk by ensuring and enhancing the availability, reliability and accessibility of Information systems at Freddie Mac. You will be responsible for providing people management and technical direction over the Cyber Security Threat Detection function. You will be responsible for leading activities ranging across threat analysis, advanced threat detection, correlation logic development in the Security Information and Event management (SIEM) tool. You will assist in Cyber Security team's activities ranging across event monitoring, incident response, threat intelligence, and forensic analysis. You will ensure the presence of appropriate level of technology, skill levels, and processes required to deliver to ensure the confidentiality and integrity of Freddie Mac and customer assets. Your Work Falls into Three Primary Categories: Threat Detection * Execute a threat detection strategy based on the MITRE ATT&CK Framework. This includes analyzing threat information from multiple sources, synthesizing information and use that in development of new security alerts in the SIEM tool to address new and emerging threats. * Drive strategic design of Threat Detection workflows and partner with Business/IT stakeholders to identify security threats that Freddie Mac faces. * Provide thought leadership and guidance to build the necessary controls and infrastructure to provide automated and proactive threat detection capabilities. * Manage and support development of Security Operations playbooks. Leadership * Lead the day-to-day operations and manage a team of Security Analysts who deliver Cybersecurity's scaled threat detection, assessment and mitigation efforts. * Lead broad initiatives, plan and track delivery deadlines, and oversee tactical delivery of improvements to Cybersecurity's threat management processes. * Provide leadership to your team to analyze, build processes and develop correlation logic in our (SIEM) tool to identify new threats. * Manage and execute processes responsible for the advanced analysis of security threats (malicious code, intrusion logging, etc.) to proactively develop detection for such threats. * Support inquiries from compliance teams such as IT risk management, Internal and External audit, to ensure documentation is complete and in compliance with Information security policies. * Participate in the review and documentation of requirements for analyzing the specific threats to assist in development of new use cases to detect, report, log, track, and escalate security events. Communication and Collaboration * Routinely brief and update senior leadership and other stakeholders on the threat detection program and manage escalations. * Effectively collaborate within Information Security with teams such as Threat Intel, Monitoring, Incident Response, Forensics etc. as well as external teams in IT and various lines-of-businesses to enable advancement of Freddie Mac's security posture. * Present security analysis, action plan and risks to different audiences and adjust the delivery accordingly (business, technical and management) using either structured presentations or ad-hoc and establish consensus. * Establish and maintain business relationships with individual contributors as well as management. Qualifications * At least 8 years of Information Security or related experience. * At least 3 years of experience with building and leading high performing Information Security teams in complex environments. * At least 3 years of Information Security experience especially developing advanced threat detection capabilities. * Demonstrated experience with designing and implementing use cases in SIEM tool such Splunk (Preferred), Arcsight, QRadar, etc. * Strong knowledge of enterprise detection technologies and processes (Advanced Threat Detection Tools, IDS/IPS, Network Packet Analysis, Endpoint Protection). * Advanced knowledge of network protocols and operating systems (Windows, Unix, Linux, Databases). * Relevant security knowledge and experience in two of the following areas: threat response, Security event monitoring, incident response, network/host intrusion detection, malware analysis. * Proven experience in day-to-day operational processes such as security monitoring, data correlation, troubleshooting, security operations etc. * Strong knowledge of network protocols and operating systems (Windows, Unix, Linux, Databases). * Bachelor's degree in Computer Science, Information Technology, Cyber Security related field or equivalent work experience. Keys to Success in this Role * Self-starter and self-motivated. * Ability to work & collaborate effectively well in a team environment. * Ability to communicate clearly, effectively, persuasively and credibly with internal management and external senior level oversight entities. * Motivated to learn new technologies and come up with process improvements and efficiencies. * Sense of urgency and able to apply risk-based approach to prioritize work. * Ability to adopt change while continuing to deliver on assigned objectives. * Strong verbal and written communication skills. Top 3 Personal Competencies to Possess * Leadership - Set and execute upon a clear vision, strategy, and/or goals * Seek and Embrace Change - Continuously improve work processes rather than accepting the status quo * Growth and Development - Know or learn what is needed to deliver results and successfully compete Preferred Skills * CISSP or CISM certification is preferred. Other relevant security certifications will be considered such as GIAC, GCIH, CEH, CSA+ certifications * Experience in the financial services industry * Splunk Certified Professional * Experience working in a Security Operations Center (SOC) environment Today, Freddie Mac makes home possible for one in four home borrowers and is one of the largest sources of financing for multifamily housing. Join our smart, creative and dedicated team and you'll do important work for the housing finance system and make a difference in the lives of others. Freddie Mac is an equal opportunity and top diversity employer. EOE, M/F/D/V. Freddie Mac Herndon VA

Cybersecurity And Risk Architect - Security Clearance Preferred

Juniper Networks