-
ID
#44906008 -
Job type
Contract -
Salary
TBD -
Source
Kelly -
Date
2022-08-15 -
Deadline
2022-10-14
Senior Security Solution Architect
Pennsylvania, Pittsburgh, 15212 Pittsburgh USAContract
Vacancy expired!
- Experience securing edge compute stacks (we're looking at hardware convergence at our sites to host Level 3 and Level 4 environments using logical separation)
- Has experience with IOT and OT security concepts and challenges
- Has experience with vulnerability management (infrastructure and apps) and driving change through policy and engagement
- Experience with AD GPO (looking for Server 2019 and Windows 11 best practices and improvements based on recent pen tests)
- Looking for an energetic leader, with strong communication skills that can engage both business and technical teams.
- Assess, design, implement and oversee the cybersecurity technology stack, and supporting lifecycles
- Provide senior level support for the company's cyber security initiatives, projects, and ongoing activities
- Review existing security architecture, identify design and policy gaps, and recommend security enhancements to enterprise business and process control networks
- Serve as an information security expert and trusted advisor to partners in IT and within our business units
- Lead and manage the incident response team, comprised of in-house FTE's and MSSP provided support
- Oversee the information security technology stack, from an infrastructure, application, and service perspective
- Engage and maintain relationships with key security vendors and resellers
- Design and implement action plans for policy creation and governance, system hardening, monitoring, incident response, operational resiliency, and defense against emerging cybersecurity threats
- Assess and guide the IT attack surface landscape with the support of our vulnerability management team. Partner with enterprise IT teams and compliance teams to set the direction and remediation prioritization for discovered vulnerabilities
- Achieve security architecture compliance on requirements, including, but not limited to, Sarbanes-Oxley, NIST, global data privacy requirements and state and federal regulations
- Bachelor's degree from an accredited institution.
- Minimum five (5) years of experience in security and network engineering and architecture
- Demonstrated domain expertise in security and engineering: application security, security operations, threat detection, and/or security tooling.
- Security fundamentals with a solid understanding of threats, vulnerabilities, defenses, security principles, and policies
- Strong foundation in security domains such as operational technology, next generation firewalls, intrusion detection, and vulnerability management solutions
- Deep knowledge of security frameworks e.g. MITRE ATT&CK, CIA triad, ISO 27001, CIS Top 20, NIST CSF, NIST 800-53, NIST 800-171 etc.
- 5+ years of relevant cyber security experience in a matrixed global environment
- 10-15 years professional experience implementing enterprise-scale information technology solutions
- Experience in securing manufacturing or operational technology environments is a plus
- Active security certification (ISACA, ISC2, CompTIA etc.), is a plus
- Knowledge of the security ecosystem including areas such as governance, network and perimeter security, EDR/MDR, identity and access management, email security, SIEM, IDS/IPS, etc.
- Experience with penetration testing, vulnerability scanning, and web application security assessments
- Knowledge of patch management solutions and other systems security management solutions
- Knowledge of current-generation networking solution stacks, including 802.1X, SDN among others
- Multi-vendor knowledge around network security products (e.g. firewalls, SSL VPN, zero trust) and related solution sets
Vacancy expired!
Report job