The Cybersecurity Architect will interface with customers to:
* Identify and understand needs
* Assessment and decomposition of security requirements
* Development and presentation of cyber focus design solutions and guidelines
* Provide leadership and oversight to the delivery of security architect services
As cyber expert, the responsibilities in efforts that will result in the integration of application security and/or information security requirements, controls and processes into the Software Development Life Cycle (SDLC) or Project Life Cycle and also participate in feature development, technical risk assessments and security technology deployments.
- Deploy Splunk log aggregation tool.
- Create general Splunk alerts based on general alerting requirements.
- Deploy Tenable Nessus Scan tool
- Configure Nessus scan tool to perform Operating System level scans, Network tool scans and Baseline Configuration.
- Working knowledge of Linux Operating System and Windows Operating system.
- Provide security engineering expertise to enhance security posture.
- Develop secure application architectural designs
- Ensure applications and infrastructure meet standards for security as defined by CIS and FIPS.
- Utilize publicly available Common Vulnerabilities and Exposures (CVE) to analyze and probe system weaknesses.
- Demonstrate proficiency in security architectures in large datacenter environment – DNS/DHCP, Load Balancing (F5 Networks), Firewalls (Cisco, Palo Alto, Fortinet, & Juniper Networks), IDS/IPS, IPSEC VPN)
- Ensure that all solutions follow security, compliance controls, and conformance to firm’s IT security standards.
- Full document and provide security considerations related to technical implementations
- OSCP/OSCE Highly Preferred
- Proven hands-on Security Engineering experience dealing with Network engineering as well as Software Engineering.
- Linux Operating System working experience
- Tenable Nessus experience
- Developer background, 2 years of experience with programming in at least one common object oriented language (java, c#, C, Python, Ruby etc.)
- Experience with continuous integration concepts and tools, such as Bamboo, Jenkins, Microsoft TFS, TeamCity, etc.
- Knowledge of Risk Controls framework, and Audit procedures (27000/1/2, NIST 800-53/171, SOC2, DFARS, Privacy Shield, etc.)
- Ability to script in multiple operating systems, Linux (BASH), Windows (Powershell)
Job Type: Contract