|
Hi,
I hope you’re doing well!
Please look at the requirements below, let us know of your interest, and send us your updated resume to rajesh@spiceorb.com
Job Description: Principal Cybersecurity Engineer / Jr Cybersecurity Architect
Location: Bellevue, WA; Overland Park, KS; Frisco, TX; Ravinia, GA; or Herndon, VA
Onsite Requirement: 3 days per week onsite at Frisco, TX office – 3560 Dallas Pkwy, Frisco, TX 75034, United States
Role Overview
This role serves as a subject matter expert responsible for driving vision and strengthening the security posture across mobile devices, IoT, enterprise applications, cloud, big data, core carrier network technologies, and more. You will act as a principal security advisor, collaborating across teams to deliver secure projects and services to enterprise customers.
Key Responsibilities
- Information Security Review: Lead security reviews for new technologies, designs, and remediation planning efforts.
- Vulnerability Management: Collaborate with Engineering & Operations Teams to address vulnerabilities from PSIRTs, scans, or breaches; implement, test, and monitor improvements.
- Threat Modeling & Analysis: Apply various threat modeling approaches, such as STRIDE, PASTA, TRIKE, and ATTACK TREE, to create comprehensive threat models addressing trust boundaries, threat agents, vectors, and safeguards.
- Firewall & Network Security: Design and oversee firewall policies, SSL management, and vulnerability analysis/mitigation efforts.
- Advanced Threat Protection: Understand advanced IP/security solutions in Wireless Network Architecture and provide expertise in network and information security topics, including IDS/IPS, SIEM, malware protection, and privileged account management.
- Technical Requirements & Documentation: Develop detailed technical specifications and work autonomously on evolving technologies, conducting validation or research as required.
- Cross-functional Collaboration: Effectively present security concepts to leadership, peers, and various technical/non-technical teams.
- Regulatory Compliance: Ensure adherence to federal and compliance regulations, including SOX, PCI, and CPNI.
Required Skills and Qualifications
- Cybersecurity Experience: 10+ years in cybersecurity, focusing on network and information security.
- Programming and Scripting: 5+ years of experience with Java, frameworks, Python, and Node.js; advanced skills in scripting (Python, Perl, Shell, HTML, PHP).
- Threat Modeling: 5+ years of experience with STRIDE, PASTA, TRIKE, ATTACK TREE, DREAD, KILL CHAIN, CAPEC, Cyber Threat Trees, and data flow diagrams.
- SSL & Firewall Policy Design: 8+ years in SSL certificate management and 5+ years in firewall policy design.
- Security Tools & Technologies: 5+ years with various security tools, such as load balancers (A10, F5), firewalls (CheckPoint), Venafi, Mobile Iron, AWS, Azure, FireEye, CyberArk, ArcSight, Splunk, Symantec, PCF, Docker, Qualys, and Veracode.
- Mobile & IoT Security: Experience with mobile application security and handset security.
Preferred Domain Experience
- Telecom Industry: Experience in telecommunications is preferred but not mandatory.
Certifications
Relevant cybersecurity certifications are advantageous, with prior UST experience preferred if applicable.
Regards,
Rajesh Kumar
[email protected]
|
