|Published||September 14, 2023|
The Senior Cybersecurity Architect will report to the Cybersecurity Manager. This role is highly technical as the primary focus is on designing and implementing security measures for the protection of computer systems, networks, and information; identifying and defining system security requirements; and designing computer security architecture and developing detailed cybersecurity designs. This role requires a holistic depth of knowledge across the security technology tools stack as well as hands-on keyboard experience and ability to work collaboratively across the organization.
The Senior Cybersecurity Architect will be expected to approach challenges with a solution mindset. The position provides a great opportunity for advancement. You will need to represent the cybersecurity team in front of application owners, executives, and other key stakeholders across the organization to articulate security solutions to address risks in the organization. You will work to develop, maintain, and report on requirements to secure systems and information. You will make things more secure by protecting system boundaries, keeping computer systems and network devices hardened against attacks and securing highly sensitive data. This requires an expert understanding of the OSI model, and extensive experience in the application of defense in depth strategies.
Primary Duties & Responsibilities
- Keeps abreast of industry trends and current emerging risks.
- Engineer, implement and monitor security measures for the protection of computer systems, networks, and information.
- Identify and define system security requirements.
- Design computer security architecture and develop detailed cyber security designs.
- Prepare and document standard operating procedures and protocols.
- Configure and troubleshoot security infrastructure devices.
- Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
- Write comprehensive reports including current solutions, identified issues, and propositions for further system security enhancement.
- Actively participates in the implementation of sustainable improvement processes, such as 5S, Kaizen, Total Productive Maintenance (TPM), Daily Management Control, Standard Work and Problem Solving
Other Related Duties
- Participates in the Operation Excellence Program as outlined by the Company.
- Other duties and special projects as assigned.
The requirements listed in the sections that follow are representative of the knowledge, skills and/or abilities required to perform the duties of this job. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions (primary duties) of the job.
- Bachelor's Degree is required. Concentration in computer science, computer engineering, or information systems with emphasis on IT/Information/Cyber-security preferred.
- Minimum of 5+ years of experience in information services with 5 years of demonstrable and progressive experience operating as a security engineer or technical security architect.
- Requires in-depth understanding of Information Security practices for network, servers, databases, applications, and advanced use of technology architecture models and modeling (such as SABSA Sherwood Applied Business Security Architecture).
Other Desired Experience:
- Master's degree in computer science, information systems, engineering, business administration or a related field is preferred, but not required.
- Strong understanding of information security and the relationship between threat, vulnerability, and information value in the context of risk management.
- Ability to gather, analyze and interpret business drivers and develop practical security solutions that provide adequate security to support the business.
- Possess a good understanding of appropriate leading-edge technologies.
- Known to relevant technology companies as a thought leader around security, privacy and supporting technologies.
- Extensive experience working across a diverse and inclusive team environment with strong commitment to respect, equality, and teaming.
Skills and attributes for success include the following:
- Information Security Principles, Technologies, and Practices.
- Proven experience with multiple security event detection platforms.
- Expert understanding of TCP/IP networking skills to perform network analysis to isolate and diagnose.
- Extensive experience in information security and/or IT risk management with a focus on security, performance, and reliability
- Solid understanding of security protocols, cryptography, authentication, authorization, and security.
- Experience implementing multi-factor authentication, single sign-on, identity management or related technologies.
- Ability to interact with a broad cross-section of personnel to explain and enforce security measures.
- Excellent written and verbal communication skills required. Must be able to communicate technical details clearly.
- Integrity in a professional environment.
Minimum of 5 years of experience in one or more of the following:
- Proven working experience in installing, configuring, and troubleshooting security solutions in a Windows-based environment.
- Solid experience in the security administration and performance tuning of application stacks
- Experience with virtualization and containerization
- Experience with automation software
- Solid scripting skills (e.g., Power Shell, shell scripts, Perl, Ruby, Python)
- Solid networking knowledge (OSI network layers, TCP/IP)
Should have detailed understanding on below technologies:
- Anti-virus software and other end-point security tools
- Server security
- Full Disk encryption
- Intrusion prevention system (IDS/IPS)
- Vulnerability assessment tools
- Network Access Control software (NAC)
- Security monitoring tools
- Data Loss Prevention (DLP)
- Identity and Access Management (IAM)
- Certified Information Systems Security Professional (CISSP) OR
- CompTIA Security+
- Other related certifications such as CISM (Certified Information Security Manager), SANS/GDSA, SANS/GISP, SANS/GSEC, SANS/GISF are preferred, but not required.
Knowledge of Cybersecurity Frameworks (e.g. NIST CSF, ISO27001) would be desirable
Critical competencies for success:
- Leadership skills: Must have the proven ability to lead the development, planning, coordination, and monitoring of security solution design and development and be a key part of the overall leadership for all aspects of information security. This leader will be known as a collaborative individual who can serve effectively as an active contributor. Must be able to communicate effectively regarding security, privacy, risk, compliance, strategy and the required investments to technologists and business personnel.
- Security knowledge: Able to draw upon proven experience to recommend and gain buy-in to numerous information security policies and solutions. He/she will be able to provide leadership by demonstrating subject matter expertise. This individual is able to represent the interests of the organization and gain support from stakeholders.
- Ability to deliver: This individual will have the proven ability to contribute solutions to large, complex projects across various business and functional departments as they pertain to risk and security matters. He/she can create a positive and productive mindset with solutions to meet clear objectives, goals and effective processes.
- Travel to other work sites may occur.
Candidate must have a well-developed business understanding, working knowledge of customer requirements and demonstrate a balance between analytical and creative thinking. Candidate must also be a self-starter who seeks responsibility and is able to work with minimal direction. Candidate must have demonstrated a willingness to challenge conventional ideas, be flexible, innovative, and be able to function effectively in a team environment and possess superior analytical and problem-solving skills. Candidate must be proficient in personal computers and related databases. Computer skills required include knowledge of spreadsheets, database and word processing software on PC based systems. Candidate must possess excellent organizational and communication skills. Candidate must possess strong interpersonal skills and have the ability to communicate.
While performing the duties of this job, an employee is typically required to have the ability to coordinate movements, regularly stand, walk, bend, squat, climb, reach, crouch, and kneel during a work shift, have manual dexterity, select and use appropriate equipment/tools to accomplish job duties, read, write, listen, speak and understand English, follow all instructions and other oral/written information, visually inspect equipment/work area, complete paperwork and other documentation accurately, identify, analyze, troubleshoot and solve issues using judgment, react quickly as needed, be organized and detail oriented, be able to identify/judge the urgency of a situation, use judgment in decision making, make decisions in a timely manner, manage multiple priorities, communicate effectively with others, be aware of oneself in relation to surrounding equipment, and work independently. Ability to instruct/transfer job information/knowledge to others is preferred.
The employee is expected to be self-directed, take initiative and be persistent when appropriate to accomplish necessary duties and keep busy without prompting. Additionally, the employee is expected to be adaptable/flexible to changing work assignments, have a high level of integrity, dependability and self control to maintain composure, perform multiple tasks at once, learn and memorize procedures, manage time effectively and efficiently, meet established deadlines, display a cooperative demeanor, read, understand and follow all company, job specific and safety policies/procedures, and attend/use all required training. Ability to travel is required.