IT Security Architect | Full Time

GENERAL DESCRIPTION:

As an IT Security Architect this position will be responsible for collaborating across teams to plan, design, and support various security technologies and services. His or her responsibilities will range from global planning and project execution, to operational support. He or she will oversee the technical security architecture by coordinating with senior engineers and managers to plan, implement, and support enterprise systems.

PRINCIPAL DUTIES AND RESPONSIBILITIES:

• Development of long-term strategic security goals across the organization in conjunction with company objectives.

• Develop security architectures based on business needs and other needs assessments.

• Develop, implement, and manage comprehensive network security design, policies, plans, and procedures, encompassing security architectures, firewall policies, intrusion detection systems, and security data collection systems.

• Collaborate with cross-functional teams to ensure a balanced and cohesive approach to security and network integration.

• Participate in architectural discussions with technical and management audiences while partnering with clients and other resources to detect important architectural gaps in the systems infrastructure.

• Support design and help establish information security architecture standards with accompanying documentation, including checklists and quick guides that are consumable and usable System-wide.

• Research and identify information security best practice methods and the latest technologies, assessing potential value to our organization.

• Communicate complex security architectural concepts and principals to all audiences.

EDUCATION AND EXPERIENCE:

• Bachelor's Degree required, ability to work nights and weekends when required

• 5+ years of IT experience required.

• Knowledge of network security architecture concepts, including topology, protocols, components, principles (e.g. application of defense-in-depth), and traffic flows across the network (e.g. TCP & TCP/IP, OSI, etc.)

• Knowledge of encryption algorithms.

• Experience working with network access, identity, and access management (e.g. Active Senior Management Consultancy, access federation, multifactor authentication, PKI)

• Networking: LAN, WAN, Wi-Fi, DNS, WINS, DHCP, TCP/IP, ISCSI, Cisco IOS, Cisco NX-OS, Network Fabric, SDWAN, VPN (IPSEC, SSL), Remote Access.

• Routing Protocols: OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing.

• Firewall Technologies: Palo Alto, Cisco ASA/Firepower, Fortinet

• Network Protocols: TCP/IP, L2TP, PPTP, IPSEC, IKE, SSL, SSH, UDP, DHCP, DNS

• Operating Systems: Windows, Linux, Ubuntu, Kali, Unix.

• Security Frameworks: NIST, ISO/IEC 27001, COBIT, CIS, MITRE, PCI/ITIL, FISMA.

• Intrusion Detection and Prevention.

• Data Loss Prevention: Data Loss Prevention Systems

• Azure Security Measures: (e.g., Multi-Factor Authentication, Role-Based Access Control)

• Windows Active Directory Security Measures: (e.g., Group Policy, Account Policies)

• Cisco Identity Services Engine (ISE): Implementing and managing ISE for network access control.

• Server Security: Server Operating System Hardening

Additional Information

• Organization: Corporate Services

• Department: Ntwrk Fac & Trans Srvcs

• Shift: Day Job

• Union Code: Not Applicable