Cyber Security Architect

Job Summary

Under the guidance of the Asst. Director of Cyber Operations, the Cybersecurity Architect is instrumental in the identification and mitigation of cyber threats. The Cybersecurity Architect is a strategic and tactical leader in our cybersecurity operations. This role combines the aspects of incident response, threat detection, and security architecture with an additional emphasis on cloud, storage, and email security engineering. This individual will leverage their extensive experience and deep understanding of the cyber threat landscape to shape our organization's cybersecurity strategy. They will work to architect robust systems and methodologies to counteract evolving threats, ensuring that our business continuity and disaster recovery plans are always state-of-the-art.

Responsibilities Include:

• Develop, implement, and maintain the organization's security tools and systems.
• Analyzes future enterprise needs develops plans and systems to secure the organization.
• Evaluates weaknesses in current security deployments and develops and implements remediations.
• Evaluates security trends, evolving threats, risks, and vulnerabilities and applies tools / processes to detect and mitigate risk.
• Monitor security alerts and incidents.
• Develop, lead, and perform security audits, risk analysis, network forensics, and penetration testing.
• Design new security systems or upgrade existing ones.
• Maintain awareness of the cybersecurity landscape, including new vulnerabilities and attack techniques.
• Analyze network traffic and system data for anomaly detection and threat hunting.
• Conduct regular security assessments and provide recommendations to enhance security posture.
• Collaborate with the team to research, design, and implement effective cyber threat detection systems.
• Create and maintain technical documentation, including incident reports, procedures, and process flows.
• Regularly review and update security policies and procedures in line with the latest threats and regulatory requirements.
• Participate in security incident drills and post-incident reviews to ensure continuous improvement.
• Provide regular updates to the Assistant Director of Cyber Operations, CISO, or other leadership on security status, incident updates, and continuous improvement efforts.
• Support the implementation and use of security software tools including intrusion detection systems, endpoint detection and response, authentication systems, log management, content filtering, etc.
• Work on special projects and initiatives related to cybersecurity as assigned.
• Providing mentorship and point of escalation for junior members on the team.

Qualifications

• Bachelor's degree in Computer Science, Information Technology, Business Admin or related field; with seven years Information Systems or related experience with five years focused on IT Security.
• Additional relevant experience can be substituted for a degree. Graduate degrees can be substituted for additional experience.
• Demonstrated ability to design, understand and apply state-of-the-art security technologies in computer systems, networking, and telecommunication to the needs of a complex organization with multiple locations and large number of users of enterprise applications
• Knowledge of the current and developing cybersecurity threat landscape, industry best practices, threat hunting, intelligence, and forensics.
• Analytical, conceptual, problem solving, and written/verbal communication skills
• Knowledge of SIEM, EDR, IDS/IPS, Incident Response, SOAR, Red/Blue/Purple team operations, email security, vulnerability management, forensics, cloud security, and firewalls.
• Proven ability to design, lead, and implement security systems with minimal oversight.
• Expert understanding of best practice cloud and active directory security implementations.
• Expert understanding of virtualization and enterprise architecture.

Qualifications (Preferred):

• Possess an industry recognized InfoSec certification, such as CISSP, CCSP, Azure certifications, or equivalent
• Master's degree in Computer Science, Information Technology, Business Admin or related field
• 7+ years working with cybersecurity operations to include threat hunting, intelligence, detection engineering, and security architecture
• Experience in a threat hunting/analysis team, security operations center, or similar tasked team