
PRINCIPALDUTIES AND RESPONSIBILITIES:
Work closely with engineering,operations,and security specialists to ensure adequate security solutions and controls are in place throughout all IT systems and platforms to mitigate identified risks sufficiently, and to meet businessobjectivesand regulatory requirements.
Assess and understand the organization’s current security posture and future architecturerequirements, providing recommendations for improvement and risk reduction.
Ensures implementedsolutions support cybersecurityarchitectureobjectives(availability, scalability, performance, security, etc.), asappropriate, and monitors implementation activities to ensure architecture and design principles are upheld.
Supports the implementation oftechnical artifacts(frameworks, standards, and repeatable patterns, etc.)thatconstitutethe enterprise information security architecture and solutionsand work with infrastructure teams to ensureadoption.
Serve as a security expert in application development, database design,networkand/or platform (operating system) efforts, helping project teamscomply withenterprise and security policies, industry regulations, and best practices.
Design security configuration guidelines for information technology devices and systems, as well as mechanisms for assessing compliance within those guidelines.
Participate in the design andimplementationofa comprehensive Zero Trust Architecture framework to ensure the confidentiality, integrity, and availability of our systems and data.
Contribute the creation ofsecurity policies, access controls, and authentication mechanisms based on Zero Trust principles.
Evaluate existing network and security infrastructure,identifyvulnerabilities, and recommend enhancements to align with Zero Trust principles.
Familiarity with OWASP, SANS Top 20 and prevention/remediation techniques and their implementation.
Ability to work in a group development environment as an application security engineer across software engineer, QAengineerand build/test/release engineer teams.
Experienceindeploy/maintain/support/analyzing DAST/SAST scanresult
Manage the tactical execution of short- and long-termobjectivesthrough the coordination of activities with a direct responsibility for results, including costs, methods, and staffing.
PHYSICAL DEMANDS AND WORKING CONDITIONS:
The physical demands and work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
SUPERVISION:
None
EDUCATION:
Bachelor's degree in management information systems, Computer Science, or business/sciencerelated fieldrequired.
EXPERIENCE AND REQUIRED SKILLS:
6-10years of experience working with internal/external audits or risk management - methods and techniques for the assessment and management of risk.
Familiar with the management, operational, and technical aspects of IT Security in a complex enterprise environment.Additionalexperience in cyber risk management and assessments will be considered.
Strong understanding of network architecture, protocols, and security technologies.
Familiarity with cloud computing platforms, such as AWS, Azure, or Google Cloud, and their associated security services.
Proficiencyin security frameworks and standards, such as ISO 27001, NIST, and CIS.
Ability tooperateas apro-activeand result-driven problem solver with excellent analytical and interpersonal skills.
Ability to understand IT processes, managementobjectivesrisk appetite and tolerances and impact ofobjectives,of changes to risk profiles.
CISA, CISSP,CRISC, or other relevant certification(s)desired.
Strongclient services orientation andcommunication skills coupled with a high sense of urgency to keepappropriate partnersinformed, including solutions to overcome obstacles to deliver to expectation.
Experience in IT governance, risk, and controls, including governance frameworks.
Demonstrated technical writing,communication,and presentationskills.
Ability to work effectively in a team environment.
Creativity in addressing technical challenges.
Proven record to deliver results.
The rate of pay for this position will depend on the successful candidate’s work location and qualifications, including relevant education, work experience, skills, and competencies.
Annual Rate: $137,000.00 - $229,000.00
Benefit Overview: This position offers a comprehensive benefits package including medical, dental, and vision insurance, a 401(k) with company match, paid time off, parental leave.