Job Description:
The Cyber Security Architect will be responsible for developing and implementing robust security architectures for our enterprise systems. This role requires a deep understanding of current cybersecurity threats and the ability to apply cutting-edge technologies to protect our assets. The ideal candidate will have a strong background in network security, cloud security, and application security, coupled with experience in designing and implementing security strategies that comply with industry regulations.
Key Responsibilities:
Security Architecture Design:
- Develop and implement comprehensive security architectures across the organization's IT systems.
- Design and implement security controls to protect sensitive data and systems from cyber threats.
- Evaluate and integrate new security technologies into the existing architecture to enhance protection.
Threat Management and Incident Response:
- Lead the identification, assessment, and prioritization of cybersecurity threats and vulnerabilities.
- Develop and implement incident response strategies, including detection, containment, eradication, and recovery.
- Collaborate with the SOC team to monitor and respond to security incidents.
Cloud Security:
- Design and implement security measures for cloud-based applications and infrastructure (AWS, Azure, GCP).
- Ensure compliance with cloud security best practices and industry standards.
Network and Endpoint Security:
- Implement network security controls, including firewalls, intrusion detection/prevention systems (IDS/IPS), and VPNs.
- Deploy and manage endpoint security solutions to protect against malware, ransomware, and other threats.
Identity and Access Management (IAM):
- Design and implement IAM solutions, including multi-factor authentication (MFA), single sign-on (SSO), and privileged access management (PAM).
- Ensure secure and compliant user access to systems and data.
Security Compliance and Governance:
- Ensure the organization's security posture complies with industry regulations (e.g., GDPR, HIPAA, PCI-DSS, ISO 27001).
- Develop and enforce security policies, standards, and procedures.
Vulnerability Management:
- Conduct regular security assessments, vulnerability scans, and penetration tests.
- Develop and implement strategies to remediate identified vulnerabilities.
Collaboration and Communication:
- Work closely with IT, DevOps, and application development teams to integrate security into the software development lifecycle (DevSecOps).
- Provide guidance and mentorship to other members of the security team.
Experience:
- Minimum of 12 years of experience in cybersecurity, with at least [Y] years in a security architect role.
- Proven experience in designing and implementing security architectures for large-scale organizations.
- Experience with cloud security frameworks and tools (e.g., AWS Security Hub, Azure Security Center, GCP Security Command Center).
Certifications:
- Top cybersecurity certifications, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Cloud Security Professional (CCSP), Offensive Security Certified Professional (OSCP), or Certified Ethical Hacker (CEH).
Technical Skills:
- Strong knowledge of network security protocols, encryption, and authentication methods.
- Hands-on experience with security technologies such as firewalls, IDS/IPS, SIEM, DLP, EDR, and WAF.
- Proficient in scripting and automation using languages such as Python, PowerShell, or Bash.
- Familiarity with zero-trust architecture, micro-segmentation, and secure access service edge (SASE) frameworks.
- Knowledge of artificial intelligence (AI) and machine learning (ML) applications in cybersecurity is a plus.