The Enterprise Cybersecurity Architect position is a unique role in the cybersecurity organization, working across the entire cybersecurity domain to drive a continuous evolution of the program, frameworks and future state architecture. This role will contribute to the securityrisk strategy and framework development, and will drive develop reference models and conceptual architectures across multiple technical security solution areas.
- Provides risk management frameworks and principles across the enterprise.
- Conducts or facilitates threat modeling of services and applications that tie to the risk and data associated with the service or application.
- Provides thought leadership and evolves architecture across all enterprise technical security services such as SIEM, DLP, PKI, IDS/IPS, enterprise authentication/authorization frameworks and models.
- Creates an approach for addressing the specific architectural, design, or process challenge
- Conducts a gap analysis of current versus desired capabilities.
- Creates white papers and presentations on the proposed solution.
- Provides technical briefings to leadership.
- Participates in various forums, and creating meeting reports, recommendations, and feedback as directed by leadership.
- Presents technical concepts to a non-technical audience.
- Other duties as assigned.
- Bachelor’s degree in Information Technology/Computer Science or related field required.
- Certified Information Systems Security Professional (CISSP) from International Information Systems Security Certification Consortium (ISC2) required.
- Certifications from SysAdmin, Audit, Network and Security Institute (SANS), International Information Systems Security Certification Consortium (ISC2) or Computing Technology Industry Association (CompTIA) or other position related certifications preferred.
- ITIL Foundations certification required within 6 months of position start date
Complexity of Work:
- Ability to conducting a gap analysis of current versus desired capabilities
- Advanced knowledge with complex domain structures, user authentication mechanisms and cryptography.
- Has in-depth knowledge of intrusion detection and data correlation.
- Advanced knowledge of networking/distributed computing environment concepts.
- Intricate knowledge of network topology and the underlying OSI model.
- Understands principles of client/server configuration.
- Excellent knowledge of securitytechnology and strong analytical skills.
- Must be able to work in stressful environment and take appropriate action.
- Strong analytical, administrative, presentation, and project management skills are required.
- Must have strong communication skills (both written and verbal) and the ability to work independently.
- Minimum of 15years of experience in the information security field with expert knowledge of applications, cloud and mobilesecurity, platforms and infrastructure.
- Must have highest level experience in security strategy and architecture, operations, cybersecurity tools, intrusion detection, secure networks and current state-of-the-art cybersecuritytechnologies, standards, policies, procedures
- Extensive experience with requirements analysis and the development of use cases, architectural views (e.g. conceptual, logical, physical), reference models and architectures, architectural principles, and architectural patterns.?
- Knowledge of Regulations, Standards and Frameworks, including HIPPA/HITECH, HITRUST, SABSA, Zachman, TOGAF, NIST Cybersecurity Framework, ISO 27001/2.
- Subject matter expertise in one or more of networkarchitecture, Big Data, Cloud Security, medical device security.
- Experience with developing and maintain securityarchitecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities.
- Requires the ability to sit and be stationary for prolonged periods of time, normal or corrected vision and manual dexterity sufficient to perform work on a personal computer.
- Requires the ability to walk to various locations throughout the organization and to function in a stressful environment.
Personal Protective Equipment:
- Follows standard precautions using personal protective equipment as required.