Cybersecurity Design Engineer/Architect
*Fully remote position*
*Long Term Contract*
A prestigious company is looking for a Cybersecurity Design Engineer/Architect. This person will focus on enterprise cybersecurity infrastructure and have a good understanding of application cybersecurity. This engineer/architect will primarily focus on Cloud migration, Citrix cloud, SDWAN security, VPN, Github security, MS Power platform, and MS co-pilot.
Responsibilities:
- Contributes to a team that ensures the security of enterprise data and systems by developing enterprise information security solutions.
- Creates and updates a view of IT assets, related attack surfaces, and threat actors to illustrate the flow of data and associated security threats.
- Serves as a security expert in one or more of application development, database design, network, and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices.
- Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks and contributes to the development and maintenance of information security architecture.
- Engages with security specialists and other functional area architects to ensure adequate enterprise security solutions are in place to sufficiently mitigate identified risks, and to meet business objectives and regulatory requirements.
- Serves as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks.
- Serves as an expert in one or more of platform, application, storage, network, virtualization, cloud and mobile security best practices.
Technical Skills
- Strong knowledge of network security protocols, best practices, and perimeter security tools
- Strong knowledge of identity and access management controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping
- Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management
- Understanding of Azure native security services and best practices
- Strong knowledge of threat modelling and risk assessment technologies or frameworks
- The candidate shall have the experience on developing secure view of architecture and secure design documents for different applications
- Explain vulnerabilities and threats
- Threat modelling
- Recent attacks
- Application Security Focus Areas
- Secure Code Development
- Secure SDLC
- Secure Agile development
- Testing Security requirements
- Writing security stories
- Web Application Security
- Owasp 10
- SAST and DAST Scan
- API Security
- CI/CD pipeline
- Integrate security tools
- Security testing
Cloud Security Focus Area
- Shared Responsibility model
- Secure services in the cloud
- Infrastructure security in the cloud
- Secure boundaries
- Authentication & Authorization
- Security services in the Cloud
- Cloud Native VS Third party security capabilities
- Container Security
- Container security life cycle
- Image scanning
Reference: 2811972790
Cybersecurity Design Engineer/Architect
Posted on Aug 21, 2024 by Request Technology
*Fully remote position*
*Long Term Contract*
A prestigious company is looking for a Cybersecurity Design Engineer/Architect. This person will focus on enterprise cybersecurity infrastructure and have a good understanding of application cybersecurity. This engineer/architect will primarily focus on Cloud migration, Citrix cloud, SDWAN security, VPN, Github security, MS Power platform, and MS co-pilot.
Responsibilities:
- Contributes to a team that ensures the security of enterprise data and systems by developing enterprise information security solutions.
- Creates and updates a view of IT assets, related attack surfaces, and threat actors to illustrate the flow of data and associated security threats.
- Serves as a security expert in one or more of application development, database design, network, and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices.
- Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks and contributes to the development and maintenance of information security architecture.
- Engages with security specialists and other functional area architects to ensure adequate enterprise security solutions are in place to sufficiently mitigate identified risks, and to meet business objectives and regulatory requirements.
- Serves as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks.
- Serves as an expert in one or more of platform, application, storage, network, virtualization, cloud and mobile security best practices.
Technical Skills
- Strong knowledge of network security protocols, best practices, and perimeter security tools
- Strong knowledge of identity and access management controls, including SAML and OAUTH/OIDC based authentication, Active Directory, and role mapping
- Understanding of common security control solutions for event logging, remote access, endpoint management, and mobile device management
- Understanding of Azure native security services and best practices
- Strong knowledge of threat modelling and risk assessment technologies or frameworks
- The candidate shall have the experience on developing secure view of architecture and secure design documents for different applications
- Explain vulnerabilities and threats
- Threat modelling
- Recent attacks
- Application Security Focus Areas
- Secure Code Development
- Secure SDLC
- Secure Agile development
- Testing Security requirements
- Writing security stories
- Web Application Security
- Owasp 10
- SAST and DAST Scan
- API Security
- CI/CD pipeline
- Integrate security tools
- Security testing
Cloud Security Focus Area
- Shared Responsibility model
- Secure services in the cloud
- Infrastructure security in the cloud
- Secure boundaries
- Authentication & Authorization
- Security services in the Cloud
- Cloud Native VS Third party security capabilities
- Container Security
- Container security life cycle
- Image scanning
Reference: 2811972790
Alert me to jobs like this:
Amplify your job search:
Expert career advice
Increase interview chances with our downloads and specialist services.
Visit Blog