Skill
- Security architecture review and development of cyber security controls for Cloud, Network, Endpoint, and Applications;
- Develop and maintain documentation on design patterns and security architecture requirements;
- Collaborate with IT and business stakeholders, and enterprise architects, to understand the business direction and consequent impact of implementing cyber security architecture changes and control adoption;
- Assist in optimizing cyber security program by implementing Policies, Standards, and Security baselines;
- Monitor industry best practices and trends to support the ongoing development of cyber controls to remediate current and emerging cyber threats;
- Develop and implement cyber security solutions for applications, endpoint security, web & email security, cloud security, FW/IPS, and zero-trust network architecture;
- Review Security Operations Center reports, threat reports, audit reports, and regulatory changes to identify and initiate risk prioritization and remediation;
- Partner with security service providers to drive improvements in the security posture;
- Continuously monitor and evaluate the environment, including third-party integrations, through self-assessments and independent security reviews;
- Assess and manage Cloud security posture through continuous control monitoring;
- Define and implement security mitigation plan to quickly respond to control weaknesses and threats;
Certifications
- Minimum 7 years of experience in Cyber Security, Control evaluation and design;
- Must have 5 years of experience in designing Cloud, Network and Application security architecture;
- At least one certification such as CISSP, CCSP, CISM, GIAC;
- Demonstrated experience applying security and risk frameworks, and regulations such as NIST CSF/[Phone Number Removed];, NERC CIP, CIS, CMMC, OWASP, CSA, etc.
- Deep technical knowledge and experience in Network Security, Cloud Security, Application Security, Endpoint, Firewall/IPS, Web and Email security;
- Must hold at least 1 certification such as CISSP, CISM, CISA, CRISC, CIPP or similar privacy certifications
Desired Skills:
- CyberSecurity
Desired Qualification Level:
- Certificate