The Sr. Security Architect is responsible for assisting the Information Security Team in protecting Client’s data assets while enabling the business. This role is key to ensuring that Client’s security footprint is accurately architected, designed, and configured, with alerting and reporting in place, and to assisting with, and in many cases leading, security design decisions and approvals on the Business and Industrial Control System (ICS) networks.
Additionally, the role includes reviewing security access requests, assessing vulnerability management reports, assisting with incident management, working with senior management to improve security standards and procedures, and enhancing Client’s overall security footprint. This person must be able to work both remotely and from the corporate office (when needed), be a self-starter with a can-do attitude, have excellent written and verbal communication skills, work well with peers, and be flexible and accommodating to changes in priorities.
- Primary Security Architect responsible for working with senior security management team in building and enhancing client’s security footprint.
- Work with peers from manufacturing, IT infrastructure, and other related business teams in architecting secure communications both within the internal network, and externally [includes communications within the ICS network, between ICS and Business segments, and between Client and its business partners].
- Recommend security solutions that fulfill existing security policy and procedures, and architect and assist with their implementation where needed.
- Recommend security tools and services that help secure Client’s data footprint, including IPS/IDS, AV, threat visibility tools, certificate authorities, web content management, SIEM, vulnerability assessment tools, and related items.
- Recommend and assist with implementation of cloud and Microsoft security controls.
- Partner with MSPs (managed service providers) and internal team security analyst(s) to enhance current SIEM and SOC services to further improve data ingestion into SIEM, effectiveness of correlation rules, and overall alerting mechanisms.
- Work with SOC, Client IT teams, and GIS to remediate security incidents as appropriate.
- Make recommendations to ensure web and content management system is effectively configured to securely manage web traffic.
- Assess complex security requests and provide a response (approve/deny, etc.) where appropriate.
- Research and analyze threats and their behavior, recommend remediation plans, and assist with execution where applicable.
- Candidate should demonstrate in-depth knowledge of OSI model and TCP/IP enterprise network services in addition to a demonstrated capability to perform network packet analysis and anomaly detection.
- Assist senior management with creation/editing of security policy and procedures.
- Employ effective communications when assisting with security architecture, design, and/or incident management efforts.
- Perform vulnerability reporting over time including trend reporting and analysis.
- Assist team with various annual security compliance audits, including providing detailed reporting and evidence for various controls.
- Bachelor's degree* in Computer Science, Cybersecurity, or related field required; Master's degree preferred.
- Minimum of 10 years of IT Security experience.
- Understanding of network and security architecture best practices.
- CISSP and/or CCNA certification or related knowledge level.
- Experienced with recommending and implementing Microsoft ATP security controls.
- Experienced with security architecture design including firewalls, routers, switching, Wi-Fi, and security appliances and services (e.g., IPS/IDS, AV, threat visibility tools, certificate authorities, web content management, SIEM, vulnerability assessment tools, and related items).
- Understanding of Active Directory design and related security controls.
- Understanding of MS Azure cloud service offerings and related security controls.
- Proven experience with implementation of security-related network devices (e.g., firewalls, IPS/IDS), and understanding of the OSI model, NetFlow, and client/server infrastructure design.
- Ability to implement standard procedures for incident response while interfacing with management.
- Proven experience working with content management systems (e.g., Forcepoint, Bluecoat).
- Proven experience with SIEM tools including purpose, correlation rule design, and related monitoring and reporting best practices.
- Proven experience triaging security related incidents and understanding how to utilize incident response plans.
- Ability to demonstrate knowledge of TCP/IP enterprise network communications and perform network packet analysis and anomaly detection.
- Proven experience evaluating security tools and making recommendations based on 3rd party and internal lab reviews.
- Proven experience working with IT auditors and providing evidence for related controls.
- Proven experience with Advanced Persistent Threat groups (Tactics, Techniques, and Procedures/Indicators of Compromise).
- Proven experience with writing security or related IT policies and procedures.
- Proven experience reviewing infrastructure designs, finding security gaps, and making recommendations to ensure a secure implementation in both Business and ICS network environments.
- Excellent written and verbal communication skills.
- Professional demeanor and ability to interface with all levels of the organization.
- Flexible with work-from-home and/or in-office work schedule (hybrid mix).
*Degree must be from a school that is accredited by an accrediting agency recognized by the Secretary of Education of the U.S. Department of Education or equivalent program from an international university.