Hi,
I hope you’re doing well!
Please look at the requirements below, let us know of your interest, and send us your updated resume to [email protected]
Role: Cyber Security Architect
Location – Frisco TX
Job Description:
Key Responsibilities:
- Security Reviews & Assessments: Lead the information security review of new technologies, designs, and remediation planning efforts to ensure compliance with security best practices.
- Vulnerability Management: Collaborate with Engineering & Operations teams to address security vulnerabilities found through PSIRTs, security scans, or incidents, providing remediation plans and implementing improvements.
- Threat Modeling & Risk Analysis: Apply in-depth knowledge of threat modeling (e.g., STRIDE, PASTA, TRIKE, ATTACK TREE, DREAD, KILL CHAIN, CAPEC) and threat identification techniques to analyze risks and develop safeguards to protect assets, data, and brand integrity.
- Subject Matter Expertise: Act as the go-to expert in areas such as firewall policy design, SSL certificate management, vulnerability analysis, IP/Security solutions for Wireless Networks, and mobile application security.
- Proactive Security Design: Work closely with client engineers to design and build proactive security measures, enhancing the security posture for mobile, IoT, enterprise applications, cloud, big data, and network technologies.
- Incident Investigation & Resolution: Lead or support investigations into security breaches or vulnerabilities, providing actionable resolutions and continuous improvements.
- Compliance & Regulatory Knowledge: Ensure adherence to federal and compliance regulations such as SOX, PCI, and CPNI, and advise teams on best practices to meet regulatory standards.
- Cross-Functional Collaboration: Serve as a Principal security advisor for cross-functional teams, ensuring security best practices are applied across various projects and services for enterprise customers.
- Documentation & Reporting: Create technical specifications, security requirements, and documentation for security improvements and solutions. Present complex security concepts and reports to leadership, peers, and other stakeholders.
Required Skills & Qualifications:
- Technical Expertise:
- Advanced knowledge of network security, including firewalls, SSL certificate management, intrusion detection/prevention (IDS/IPS), and vulnerability analysis (e.g., CheckPoint, F5, Symantec).
- Experience with cloud platforms (AWS, Azure), malware protection (e.g., FireEye), privileged access management (e.g., CyberArk), and SIEM solutions (e.g., Splunk, ArcSight).
- In-depth knowledge of threat modeling methodologies (STRIDE, PASTA, TRIKE, ATTACK TREE, etc.).
- Strong experience with security protocols and technologies applicable to mobile devices, IoT devices, and enterprise network infrastructures (LAN, WAN, MAN).
- Expertise in TCP/IP, VPNs, load balancers (e.g., A10, F5), and web application security (e.g., Veracode, Qualys).
- Scripting & Development Skills:
- Advanced knowledge of scripting tools such as Python, Perl, Shell, HTML, PHP, and JavaScript (Node.js).
- Working knowledge of web application development and RESTful APIs.
- Security Tools & Technologies:
- Familiarity with scanning tools (e.g., Qualys), AppSec tools (e.g., Veracode), mobile device management (e.g., Mobile Iron), and application security frameworks.
- Experience with network security technologies such as load balancing, firewalls, and intrusion detection/prevention systems.
- Compliance & Regulatory Knowledge:
- Deep understanding of federal regulations such as SOX, PCI, and CPNI, and how to implement security measures to comply with them.
- Communication & Leadership Skills:
- Strong verbal and written communication skills, capable of presenting complex security concepts to senior leadership, engineers, and other technical teams.
- Ability to work independently, drive security initiatives, and mentor teams to ensure effective security measures across all projects.
Preferred Qualifications:
- Experience with cloud-native security platforms such as PCF, Docker, Kubernetes.
- Expertise in security-related aspects of big data, enterprise applications, and telecommunications networks (core and carrier network technologies).
- Security certifications (e.g., CISSP, CISM, CEH) are a plus.
- Enterprise network infrastructures (LAN, WAN, MAN)
- Expertise in TCP/IP, VPNs
With Regards
Kishore Reddy
|