The Cybersecurity Architect secures enterprise information by determining security requirements; planning, implementing, and testing security systems; identifying security design gaps in existing and proposed architectures and recommending changes or enhancements; identifying and communicating current and emerging threats and designing security architecture elements to mitigate threats as they emerge; and assisting with the identification of, response to, and recovery from security incidents. May perform Red Team activities as needed. Serves as an enterprise cybersecurity subject matter expert and mentor to other team members. Models appropriate behavior as exemplified in MLH Mission, Vision and Values.
Extensive knowledge of security architecture technology solutions such as firewalls, intrusion prevention systems, Security Information and Event Management (SIEM), vulnerability scanning and management, anti-virus management, Public Key Infrastructures and certificate management, content filtering, and data loss prevention (DLP).
Ability to assess security incidents or risks, gather needed information, and find appropriate solutions.
Ability to evaluate business strategies and requirements, research information security standards, evaluate and study the architecture/platform, identify integration issues and security gaps, establish best practice security controls, and prepare cost estimates.
Knowledge and experience designing, planning, and implementing enhanced enterprise cybersecurity solutions for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, servers, and other related network and endpoint devices.
Knowledge and experience implementing security systems by specifying intrusion detection methodologies and equipment, directing equipment and software installation and calibration, preparing preventative and reactive measures, and completing documentation.
Understanding of the security implications of cloud computing.
Working knowledge of scripting and programming to automate security processes and evaluate development security practices.
Expertise with standard security tools such as Kali Linux, Metasploit, BurpSuite, nmap, vulnerability scanners, and forensics tools.
Detailed technical knowledge of database and operating systems, the TCP/IP protocol suite including commonly used ports, the OSI model, and web-related technologies.
Ability to manage projects and implementations with minimal supervision.
Ability to use basic office productivity tools and manage time.
Ability to communicate project status to management and other stakeholders. Present in front of small groups. Document processes.
Key Job Responsibilities
Plans, deploys, administers, monitors, and maintains enterprise security technology solutions which protect the organization from existing and emerging threats.
Conducts periodic scans and assessments of existing and proposed architectures, defines security gaps, and recommends changes or enhancements.
Monitors network, systems, and logs to ensure confidentiality, integrity, and availability. Advises and assists the Information Security Officer and Security Operations Manager on current threats, enterprise security gaps, policy violations, and cybersecurity enhancement recommendations.
Serves as an enterprise cybersecurity subject matter expert, communicates complex technical and risk topics to non-technical audiences, and mentors less experienced team members.
Subject to call back at all times.
Required to sit for extended periods.
Subject to standard office working conditions with intermittent exposure to noisy computer equipment.
Ability to withstand occasionally stressful working conditions due to tight project schedules and hardware or software problems.
Ability to understand complex verbal and written communications, and respond verbally or in writing as appropriate. Typical mediums of communication include face-to-face dialog, telephone, memos, and electronic mail.
Ability to read and understand technical manuals and other documentation to determine correct action, safety precautions, and other conditions of proper hardware and software operation.
Ability to work varying hours due to the accessibility of individuals or equipment involved in different projects, the need to minimize system downtime or user interruption, or to recover from hardware or software failures.
The physical requirements of this position are: ability to occasionally lift and/or move equipment up to 25 pounds without assistance. Must occasionally lift and/or move equipment up to 40 pounds with assistance.
Ability to occasionally crouch, kneel, bend and/or crawl to access, inspect, connect, position or perform other operations on equipment. Some locations, such as user or equipment locations, may present very close quarters.
Subject to regular periods of repetitive hand motion in the operation of computer terminals and other equipment.
Must be able to travel to any area of the MH organization, both local and remote as needed. Must provide own transportation.