Lead Security Architect
Posted on Apr 20, 2022 by Request Technology
*We are unable to sponsor as this is a permanent full time role*
A prestigious fortune 500 company is on the search for a Lead Security Architect. This architect is focused on network and infrastructure security, along with cloud security. This company needs someone with experience working with Firewalls, vulnerability management, resiliency, and containers such as technologies like Kubernetes. Also this architect needs to be up to date with all the leading GRC frameworks like NIST, ISO, PCI, etc.
- Security Consultation to stakeholders, SMEs, and project or product teams
- Security analysis and guidance from within the Security Team.
- Constructive review of existing environment standards, designs, tools, and services to determine areas of weakness, inconsistency, or exposure, this while offering recommendations for IT remediations and maturity.
- Thoughtful analysis and alignment with Security Operations and GRC to ensure alerting, metrics, and reporting are conveying information to further reinforce security standards or identify deviations.
- Defining security architecture, standards, and solutions within one or more domains
- Develop conceptual and logical security architectures to inform and influence product selection and application
- Create and document technical security standards, policies, procedures, and processes
- Support the analysis and implementation of security standards to establish repeatability and consistency across the technology ecosystem.
- Design and advocate for modern approaches to network and infrastructure security
- Bachelor's Degree in Computer Science (related) or equivalent experience as a hand-on security architect/senior security engineer.
- 7+ years of IT Security Experience. Industry certifications are highly desired (ie CISSP, CCSP, or other advanced-level certifications).
- Firewalls, networking, routing, load balancers, and related
- Zero trust, zone-based architecture, defense in depth, SASE, SSE, and micro-segmentation
- Identity-based network access, time-bound access to networks, and NAC
- Wireless technologies, 802.1x, WPAx, and wireless in IoT and industrial applications
- Intrusion detection/prevention, threat protection, application and content identification
- Web application Firewalls (WAF), application and reverse proxies, DDoS protection strategies
- SaaS cloud service security (O365, Salesforce, ServiceNow, etc.)
- AWS, Azure, GCP, and other commodity IaaS vendors
- NIST 800-53, NIST CSF, ISO 27001, PCI-DSS, HIPAA, etc.
- SABSA, TOGAF, and enterprise architecture frameworks
- Frameworks such as MITRE ATT&CK and OWASP ASVS, with the ability to articulate how the frameworks assist in enhancing security.
- Vulnerability management technologies and secure development tools.
- Threat modelling methodologies and frameworks
- Server, database, and infrastructure security and resiliency
- Kubernetes and containers
- Internet of Things (IoT), Operational Technologies (OT) and industrial controls