The point where experts and best companies meet
Share
Role Overview
In this high visibility role, you will play an integral part in the Security for every significant internal company project. In this mission critical role, you will provide the following primary services: 1) review and approval of IT solutions ensuring compliance with organizational controls and industry best practices, 2) information security risk assessments (tactical and strategic), 3) corporate strategy development, as related to information security, 4) review and approval of technologies added to the IT environment, 5) support the CSO department in cross-organizational issues, and 6) develop code to interact between databases, services and APIs to orchestrate and automate security incidents, vulnerabilities and countermeasures and create metrics.
Responsibilities
Support multiple security domains relative to Data Protection, IT Risk Management, Network Security, Cloud Security, Security Operations, Identity and Access Management
Design, Create and maintain code to connect APIs, Databases and services
Experience with:
Encryption concepts and implementation methods.
CASB, Zero Trust, Application and Database Security.
Industry standards and security frameworks like NIST, CIS.
SaaS Secure Platforms.
Creating and maintaining Information Security reference architecture.
Review of security designs submitted by members of various teams.
Research and develop/recommend solutions to address gaps in the internal security framework.
Design and drive/increase the adoption of security-related tools and processes, including network and endpoint security, threat modeling, etc.
Estimate resource requirements for security-related portions of projects presented by project managers.
Work closely with peers in Security Operations, IT Operations, Develop, Security Compliance, and other internal teams to ensure that security projects provide feasible requirements and are consistent with strategy and regulatory requirements such as FFIEC, PCI, and HIPPA.
Assist management in defining the overall information security strategy.
Monitor information security news and keep abreast of events, research, and developments.
Ensure appropriate knowledge transfer to enable technology teams to design and implement appropriate safeguards and security solutions.
Support risk management through identifying risks and gaps in security needs and defining solutions to address gaps.
Design in-house solutions for maintaining security posture.
Assist in the development of training and awareness materials to help teach and educate other teams in best practices concerning security.
Knowledge of multiple programming languages.
Minimum Requirements
Minimum of 3 years of IT or security cloud architecture experience.
Minimum of 5 years of cyber security experience (Network Security, Security Operations, Identity and Access Management).
Knowledge of multiple programming languages.
Preferred Skills
Experience with ISO 27001, FFIEC, NIST CSF, PCI, and HIPPA compliance frameworks.
Experience with code development
Experience designing AWS cloud-based solutions.
One or more of the following certifications: CISSP-ISSAP, CSSLP, SSCP.
Python/Powershell experience strongly preferred
Experience with IT solution design reviews and threat modeling.
Experience building Web based enterprise applications.
These jobs might be a good fit