Cyber Security Architect - Certified CISSP

Cyber Security Architect - Certified CISSP

Posted 1 week ago by 1752900414

Apply
Negotiable
Outside
Remote
USA
Apply
Access Controls Amazon Web Services (AWS) API Management Application Programming Interface (API) Azure Load Balancer Azure Security Certified Information Security Manager (CISM) Certified Information Systems Security Professional (CISSP) Cloud Computing Cloud Technologies Cloud Technology Cyber Incident Response Cyber Security Data Encryption Encryption Firewall Google Cloud Google Cloud Platform (GCP) Information Assurance Information Security Management Information Systems Information Systems Security Information Technology Infrastructure As A Service (IaaS) Key Management Lifecycle Management Life Cycle Planning Management Microsoft Azure Network Access Control Platform as a Service (PaaS) Public Key Infrastructure Risk Analysis Risk Management Scheduling Security Information And Event Management (SIEM) SSL Security Supervision Systems Engineering Technical Documentation Vulnerability Vulnerability Scanning

Summary: The Cyber Security Architect role requires a certified CISSP professional with extensive experience in cybersecurity, focusing on secure architecture design and implementation. The candidate will lead security architecture initiatives, manage security technologies, and respond to incidents while ensuring compliance and risk management. The position emphasizes practical experience over tool-centric roles and requires a strong understanding of cloud technologies and security frameworks. The role is remote and classified as outside IR35.

Key Responsibilities:

  • Architect, design, implement, maintain, and operate information system security controls and countermeasures.
  • Lead the planning, design, documentation, and engineering of security and compliance solutions across the enterprise.
  • Define, develop, document, and implement new security components and integrations.
  • Evaluate and manage the life-cycle of security technologies.
  • Prepare reports on risk analysis, security compliance, and incidents.
  • Lead incident response team activities and monitor for new security threats.
  • Identify security risks and recommend corrective actions.
  • Conduct regular design reviews for requirements implementation.

Key Skills:

  • Current CISSP certification is required.
  • 10+ years of experience in Information Technology, with 5+ years in cybersecurity roles.
  • Expertise in API security and key management.
  • Understanding of end-to-end architecture and flow between network and security components.
  • Exceptional knowledge of cloud technologies (Azure, AWS, Google Cloud Platform) and on-premise secure networks.
  • Advanced knowledge of common attacks and defense architectures.
  • Experience with security technologies such as SIEM, IPS/IDS, and encryption technologies.
  • Outstanding interpersonal and communication skills.
  • Experience with Information Security policy development and risk assessment methodologies.

Salary (Rate): undetermined

City: undetermined

Country: USA

Working Arrangements: remote

IR35 Status: outside IR35

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

Title: Cyber Security Architect - Certified CISSP

Duration: 12 Months
Locations: Remote

Need experience working in a cybersecurity department Current CISSP cert is required
Customer is not wanting a very tool-focused individual. Having a leading vendor in his job titles for the last couple of roles could be a red flag for the customer.
SME needs to see examples on their resume of secure architectures that they have actively configured, not just advised on compliance for.

What You ll Be Doing: Security Architecture
Gain understanding of current state and target state architectures, then work to define a strategy for technical direction around security.
Architect, design, implement, maintain, and operates information system security controls and countermeasures.
Leads the planning, design, documentation, and engineering of security and compliance solutions across the enterprise.
Defines, develops, documents, and implements new security components and integrations.
Provides techniques and patterns for securing integration with external vendors or cloud providers.
Subject matter expert/contributor measurably improving the overall security framework and program.
Leads regular design reviews for requirements implementation.

Security Administration
Evaluates and plays an active role in life-cycle management of multiple technologies designed to protect information.
Create and maintain process and or procedures for security technologies.
Prepare periodical reports on risk analysis reviews, security compliance reviews, and security incidents, etc.

Incident Response
Lead incident response team activities.
Monitor for new security threats and makes recommendations for additional controls.
Identify security risks to the organization and recommend corrective actions.
Provide oversight of complex security incidents and escalations, performing advanced analysis and troubleshooting, and resolving incidents.

The Ideal Candidate: Education:
Bachelor of Science Degree in Systems Engineering, Electrical Engineering, Computer Sciences, Computer Engineering, Information Security, or other related engineering degree, or equivalent experience.

Experience:
Industry recognized security certifications; CISSP: Certified Information Systems Security Professional (MUST), CISM: Certified Information Security Manager, GIAC: SANS Global Information Assurance Certification, vendor certifications such as Azure Security Engineer (AZ500), etc
10+ years experience in an Information Technology role, with 5+ years specific to an Information or Cybersecurity role that include expertise in design, development, and deployment of complex highly available, and secure, integration solutions.
API Security and Key Management: Expertise in securely storing and managing API keys using tools such as Key Vaults or similar secrets management solutions.
Infrastructure and API Integration: Understanding of the end-to-end architecture and flow between network and security components (e.g., Firewall, Load Balancer, API Management) and how they interact with API endpoints to ensure secure and reliable communication

Specialized Skills:
Exceptional knowledge and understanding on the creation/implementation and securing of cloud technologies such Azure/AWS/Google Cloud Platform, as well as traditional on-premise secure networks, firewalls and intrusion-detection/prevention systems.
Advanced knowledge regarding common attacks, attack methods, and defense architectures.
Expert level experience in four or more of the following Security Technologies:
o Cloud Technology Platforms, AZURE, IaaS, PaaS, SaaS
o Network Intrusion Prevention/Detection (IPS/IDS)
o Security Information and Event Management (SIEM)
o Virtual Private Networks; SSL, IPSec and Site-to-Site
o Public Key Infrastructure (PKI)
o Network Access Controls (NAC)
o Next-Gen enterprise class firewalls
o Encryption technologies
o Vulnerability scanning tools
o Application scanning tools
Extensive ability to estimate, plan, lead and execute complex technical projects while working independently and/or in a team. Undertaking and completing project tasks on schedule with minimal to no supervision.
Outstanding interpersonal skills, effective communication with internal and external personnel at peer and executive management levels.
Highly adept in interfacing with developers, engineering, and customers.
Experience with Information Security policy and procedure development and implementation.
Knowledge of Information Security risk assessment methodologies and standards.
Experience developing technical documentation, including reports, proposals, statements of work, and whitepapers.

Apply
Similar Jobs
Loading data...