Our client is hiring for a Security Architect. This is a Permanent position and will be fully remote (located anywhere within the US). As a key member of the Cybersecurity team, you will actively contribute to the development of the information security strategy for the organization and will provide guidance and expertise in the development of Cybersecurity standards, architectural governance and design practices.
location: Sparks, Nevada
job type: Permanent
salary: $115,000 - 150,000 per year
work hours: 8am to 4pm
As a key member of the Cybersecurity team, you will actively contribute to the development of the information security strategy for the organization and will provide guidance and expertise in the development of Cybersecurity standards, architectural governance and design practices. Including, core products and platforms as well as other key initiatives and projects across the enterprise.
You will partner with the business, IT, development teams, and assist in the secure design and implementation of advanced security concepts involving blockchain technologies. Additional responsibilities include the ability to provide a consultative approach to very complex security design requirements as well as the ability to manage and support secure data center operations with deep knowledge and experience in systems security, network security, and Cybersecurity operations. Other responsibilities include:
- Defining technical security standards and core cybersecurity principles for the organization.
- Designing and documenting security architecture design requirements for new and existing products and solutions.
- Demonstrating a broad talent and skillset on security principles necessary to negotiate and persuade technology direction to increase the confidentiality, integrity, availability, secure authentication, and non-repudiation of Blockchains systems, networks, and products.
- Evaluating product design features and identifying security gaps via threat modeling.
- Assessing the security posture of enterprise networks and systems and recommend changes for enhanced cybersecurity resiliency.
- Assisting in Cybersecurity risk management reviews, vulnerability management, ethical hacking, threat hunting, and threat intelligence programs.
- Managing security threats and helping the business understand the potential security implications of ongoing projects.
- Ensuring global product development teams have the necessary education resources and tools available to incorporate security into development practices and automated build and deployment processes.
- Assisting in the planning and execution of Cybersecurity audits and investigations.
To ensure success, you must have a passion for security and be detailed-oriented. You are a diligent worker who is equally technical, and business minded. You are knowledgeable in taking a risk-based approach to prioritize security efforts. You can assist in leading efforts to improve the overall security posture of the organization. You have the ability to work with numerous cross-functional teams in a fast paced, growing company.
Your Education And Experience
This position requires 8+ years of experience working in Cybersecurity roles to include - risk management, identity management, security engineering, penetration testing or ethical hacking, software security & DevSecOps, Security GRC, and Security Operations. You possess professional certification to include CISSP, CISM, CISA, OSCP, ETH, CCSP and/or other designations. This position also requires you to have a deep understanding of practices relating to IT standards such as ISO/IEC 27001, ISO 22237, SOC2/SOC3, and CCSS (Cryptocurrency Security Standard). Additional competencies are included below:
- Enterprise grade networking and a firm understanding of Layer 2/3 and advanced protocols (STP, VRRP, etc.).
- Enterprise firewalls and secure design principles (DMZ's, ACL's, NAT/PAT, ssl-offloading & traffic inspection, etc.).
- Intrusion detection systems, EDR's, SIEM's, SOC-automation experience, etc.
- Hyperconverged Infrastructures and automation tools.
- Orchestration with Kubernetes.
- Systems and storage experience with a focus on containerization.
- Linux & Windows security hardening expertise and Syslog/monitoring and alerting.
- Key Management Processes and integration with Hardware Security Modules (HSM's).
- Knowledge and experience with Java, C#, or similar and solid scripting skills (shell/python).
- Experience implementing a Secure-SLDC and associated processes.
- Secure design methodologies and threat modeling.
- Applied knowledge and experience with Cybersecurity Frameworks: NIST-CSF.
- Excellent understanding of managing Cybersecurity Risk.
- Outstanding ability to design compensating controls to increase visibility and reduce risk.
- Cloud Security Design and architectures to include CASB technologies.
- Experience implementing Privilege Account Management technologies.
- Experience implementing Network Admission Control & Zero Trust technologies.
- Working knowledge of Product Security Incident Response (P-SIRT) and SIRT.
- Experience level: Experienced
- Minimum 10 years of experience
- Education: Bachelors
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.
For certain assignments, Covid-19 vaccination and/or testing may be required by Randstad's client or applicable federal mandate, subject to approved medical or religious accommodations. Carefully review the job posting for details on vaccine/testing requirements or ask your Randstad representative for more information.