Overview
Skills
Job Details
Security Solution Architect
Location: Remote
Required:
Bachelor or Associates degree in computer science, information systems, cybersecurity or a related field or equivalent experience/certification.
5-7+ years of Information Technology experience including 5+ years security experience in conducting security reviews and accreditation.
2+ years experience developing Security Architectures and Solutions.
2+ years experience reviewing and identifying security risks/gaps.
The Associate Security Solution Architect must have at least two years experience with some or all of the following:
o Experience in using architecture methodologies such as TOGAF, SABSA, Zachman, etc
o Direct, hands-on experience or a strong working knowledge of vulnerability management tools.
o Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services.
o Experience securing CI/CD pipelines.
o Experience in public cloud security such as AWS, Azure, Alibaba Cloud, Oracle Cloud
o Full-stack knowledge of IT infrastructure
Could infrastructure and technologies
Databases
Operating systems Windows, Unix and Linux
Hypervisors
IP networks WAN and LAN
Storage networks and technologies
Backup networks and media
Containers/Kubernetes
o Strong working knowledge of IT service management (e.g., ITIL-related disciplines):
Change management
Configuration management
Asset management
Incident management
Problem management
Additional Experience and Skills
Experience in conducting independent research
Direct interaction with cross functional, sourced, or matrixes teams
Preferred
Direct, hands-on experience or strong working knowledge of managing security infrastructure e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology.
Experience in providing input to or developing Enterprise Security Strategies.
Verifiable experience reviewing application code for security vulnerabilities.
Current information security certification, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), ISACA's CISA, The Open Group's TOGAF, SANS' GAIC
Knowledge of Industry Standards such as NIST Cybersecurity Framework (CSF), PCI-DSS, COBIT, CSA, MITRE ATT&CK & CAPAC, STRIDE, CIS Benchmarks etc.
Proven ability to provide Security Requirements for areas including but not limited to; Cloud Computing, Application Development, IAM and Infrastructure.
Knowledge of how to secure technologies such as but not limited to; SaaS services (ie. O365, Salesforce), Application Design, Container Platforms (ie. Docker, Kubernetes), Serverless, Big Data, Network, Operating Systems, Identity and Access Management.
Knowledge of SDLC (Waterfall/Agile), DevSecOps and good understanding of ITIL v3 Framework.
Proficient in performing quantitative risk management analysis.
Using ServiceNow to track activities, tasks, approvals, etc.
Strong negotiating, influencing and problem resolution skills.
Proven ability to effectively prioritize and execute tasks in a high-pressure environment.
Experience in business systems and process planning.
Knowledge of business environment, service requirements and hospitality culture.
Ability to translate information security objectives into mutually beneficial business strategies for the client organizations.
Demonstrated ability to assess customer/client needs, creatively approach solutions, decide and influence appropriate courses of action.
Graduate/post graduate degree in cyber security.