Cyber Security Architect

Cyber Security Architect

Overview

Our client is a privately held, family real estate development, investment and management firm, headquartered in New York with properties across the United States. Since 1957 we have developed, managed and owned over 40 million square feet of office, residential, hotel and retail space, including the World Trade Center in Downtown Manhattan.

Role Overview

As a candidate for this role, you are able to seamlessly switch from executive-level risk conversations to diving deep into controls and technology to driving high-level strategic discussions around roadmaps and security solutions. You are naturally curious and stay on top of emerging trends and threats. You are not afraid to question any existing processes and solutions, yet you display a keen sense of business value proposition and focus on the right priorities. You are a clear thinker. You thrive in working in a fast-paced, technologically forward-leaning team that is not afraid to push the boundaries of security capabilities.

You want to...

• Deliver and provide secure solutions.
• Identify gaps and provide suggestions for remediation. Work with others to drive and deliver security controls.
• Enhance the process and procedures.
• Be viewed as the SME.
• Continually learn and tackle new responsibilities. Implement, review, and enhance current solutions.
• Identify and automate repetitive tasks.

Your approach to the questions to answer following will be highly determinative of our choice to review your application:

• How would you evaluate a system or service that has suspicious communications and what tools or techniques would you use?
• Explain how you would identify and map a network.
• How would you assess a system or service to ensure alignment with NIST CSF?

Planning and Design Activities

• Develops and maintains a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers
• Develops security strategy plans and roadmaps based on sound enterprise architecture practices
• Develops and maintains security architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations
• Determines baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation and identity and access management (IAM)
• Develops standards and practices for data encryption and tokenization in the organization, based on the organization's data classification criteria
• Develops standards for Data Loss Prevention and Role-Based Access Controls
• Drafts security procedures and standards to be reviewed by Director of Cyber Security
• Establishes a taxonomy of indicators of compromise (IOCs) and share this detail with contributing parties within the technology group

Assurance

• Tracks developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts
• Validates IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable
• Validates security configurations and access to security infrastructure tools, including firewalls, IPSs, WAFs and anti-malware/endpoint protection systems
• Conducts or facilitate threat modeling of services and applications that tie to the risk and data associated with the service or application
• Ensures a complete, accurate and valid inventory of all systems, infrastructure and applications that should be logged by the security information and event management (SIEM) or log management tool
• Coordinates with DevOps teams to advocate secure coding practices, and to escalate concerns related to poor coding practices
• Reviews network segmentation to ensure least privilege for network access
• Reviews existing and new deployments for alignment to Zero Trust
• Supports the testing and validation of internal security controls
• Reviews security technologies, tools and services, and makes recommendations to the broader security team for their use, based on security, financial and operational metrics

Collaboration

• Assists in conducting security assessments of existing and prospective vendors:
• Software as a service (SaaS) providers
• Cloud/infrastructure as a service (IaaS) providers
• Managed service providers (MSPs)
• Evaluates the statements of work (SOWs) for these providers to ensure that adequate security protections are in place. Assesses the providers' SSAE 16 SOC 1 and SOC 2 audit reports (or alternative sources) for security-related deficiencies and required "user controls" and report any findings
• Coordinates with operational and facility management teams to assess the security of operational technology (OT) and Internet of Things (IoT) systems
• Works with cross-functional teams to share best practices and insights
• Participates in application and infrastructure projects to provide security-planning advice
• Works with the internal audit (IA) team to review and evaluate the design and operational effectiveness of security-related controls
• Provides technical guidance and assists in training security junior staff

Requirements

A successful Cybersecurity Architect candidate will have the expertise and skills described below.

• Bachelor's or master's degree in computer science, information systems, cybersecurity or a related field.
• Min 5 years of security experience in a similar role.
• Min 3-5 years of IT Sysadmin, Application Programming, or Network Security experience

Security and Technical Experience The security architect should have direct, documented, and verifiable experience with the following:

• Direct, hands-on experience or strong working knowledge of managing security infrastructure ? e.g., Email Security, firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology.
• Verifiable experience reviewing application code for security vulnerabilities.
• Experience securing CI/CD pipelines.
• Direct, hands-on experience or a strong working knowledge of vulnerability management tools.
• Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services.
• Experience designing the deployment of applications and infrastructure into public cloud services.

Full-stack knowledge of IT infrastructure:

• Applications
• Databases
• Operating systems ? Windows, Linux, MacOS
• Hypervisors - VMWare

IP networks ? WAN and LA

• Network Routing, Segmentation and Discovery
• Ability to Analysis Network Traffic using Wireshark or NMap

**Direct experience designing IAM technologies and services: - Active Directory - Lightweight Directory Access Protocol (LDAP) Amazon Web Service (AWS) IAM, Zero Trust - PAM (ex. CyberArk, Thycotic, Beyond Trust)

Working knowledge of IT service management:

- Change management
- Configuration management
- Asset management
- Incident management
- Problem management

• Experience with NIST Cybersecurity Framework (CSF), CIS Controls

Certifications

The security architect will evidence his/her knowledge of security and risk management through ongoing continuing professional education. The ideal candidate will maintain one or more of the following certifications, though they are not required:

• CISSP, CISA, GAIC

Knowledge and Skills

• Strong analytical and trouble-shooting skills
• Strong organizational and prioritization skills
• Strong general IT knowledge
• Excellent oral and written communication skills
• Knowledge of Microsoft windows operating environments
• Knowledge of Active Directory, Group Policy, and Intune
• Knowledge of Mitre Attack Framework, Cyber kill chain, IOCs, IOAs, and TTPs
• Strong skills with scripting in technologies like PowerShell and Python
• Knowledge of cloud platforms like Azure, GCP, and AWS
• Knowledge of Palo Alto, Cisco, Aruba
• Understanding of process automation

???????Personal Characteristics

• Is a confident, energetic self-starter, with strong interpersonal skills
• Self-motivated and possessing of a high sense of urgency and personal integrity
• Must be a team player that wants to work synchronously with department members