SysMind Tech
Cloud Security Architect
SysMind Tech, Hollywood, Florida, United States, 33024
JOB DESCRIPTION:
The Security Architect is a hands-on team player who provides technical security guidance and leadership with the design, installation, operation, service and maintenance of a variety of information systems. This individual understands IT Enterprise Architecture and works with the business, IT, and enterprise architects to ensure that security standards are created and implemented into SHRSS Enterprise Architecture frameworks and project lifecycle. This role identifies security gaps, develops controls, determines functional and non-functional security requirements and designs solutions that meet business objectives while complying with security standards to achieve Security-by-Design principles based on the needs of the business and organizational security requirements.
Architect has broad experience - big picture approach - every domain in sec Network IAM SecOps Incident response Asset management Lock management Threat modeling Enterprise architecture and threat modeling "have you done threat models" "what methodology have you used" What are the frameworks: Stride, pasta, Describe to me - acronyms : PASTA, STRIDE, TOGAF Deep dive tactic spoofing CISSP - gold standard, reps the broad knowledge Identify lack of security controls Security reviews (currently informal not following a threat model) They are formalized - building team of architects Resumes looking for
threat modeling
and sec architect in title or in their JD TOGAF mention Impressed when people list have risk assessment similar to threat modeling
Qualifications
Experience / Education / Certifications •Bachelor's degree preferred in Computer Sciences, Information Technology, or related field. •Experience with container-based orchestration ( Kubernetes
and similar) and
microservices
architecture •Working knowledge of
Zero Trust Network Architecture (ZTNA) •Practical knowledge of any combination of
Payment Card Industry (PCI), GDPR, NIST standards,
or ISO27000 series. •At least one industry standard certification such as GSEC, Certified Information Systems Security
Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security
Manager (CISM) or other security vendor certification.
Skills •Team player able to work effectively at all levels of an organization with the ability to influence
others to move toward consensus. •Clear ability to build strong relationships and establish trust with stakeholders at all levels. •Excellent verbal and written communications skills. •Strong leadership skills with demonstrated ability to prioritize and execute in a methodical and
disciplined manner. •Ability to solve complex problems in a timely manner by working with multiple stakeholders. •Ability to manage multiple tasks and work streams effectively. •Ability to follow detailed processes and procedures with a high degree of accuracy. •Customer-focused mindset, with demonstrated skill in managing expectations, providing
proactive status updates, and producing high-quality work products. •Experience of network design, mobile security, network and firewall security technologies and
vulnerability management, scanning. •Knowledge of web application security, browser security models, and application security
vulnerabilities such as the OWASP Top Ten. •Experience managing project through the full system development lifecycle. •Multiple language abilities preferred - fluency in English (written and spoken) required. •Deep understanding of network attacks, DDoS, Phishing, email protocols/security/spam,
encryption, authentication, logging and log analysis, IP and device reputation, and security rules
and policies. •High degree of skill and knowledge in managing and part taking in incident response, Intrusion
Prevention Systems, Intrusion Detection Systems, SEIM, Endpoint security solutions. •Flexibility to travel as required up to 15% overnight travel
The Security Architect is a hands-on team player who provides technical security guidance and leadership with the design, installation, operation, service and maintenance of a variety of information systems. This individual understands IT Enterprise Architecture and works with the business, IT, and enterprise architects to ensure that security standards are created and implemented into SHRSS Enterprise Architecture frameworks and project lifecycle. This role identifies security gaps, develops controls, determines functional and non-functional security requirements and designs solutions that meet business objectives while complying with security standards to achieve Security-by-Design principles based on the needs of the business and organizational security requirements.
Architect has broad experience - big picture approach - every domain in sec Network IAM SecOps Incident response Asset management Lock management Threat modeling Enterprise architecture and threat modeling "have you done threat models" "what methodology have you used" What are the frameworks: Stride, pasta, Describe to me - acronyms : PASTA, STRIDE, TOGAF Deep dive tactic spoofing CISSP - gold standard, reps the broad knowledge Identify lack of security controls Security reviews (currently informal not following a threat model) They are formalized - building team of architects Resumes looking for
threat modeling
and sec architect in title or in their JD TOGAF mention Impressed when people list have risk assessment similar to threat modeling
Qualifications
Experience / Education / Certifications •Bachelor's degree preferred in Computer Sciences, Information Technology, or related field. •Experience with container-based orchestration ( Kubernetes
and similar) and
microservices
architecture •Working knowledge of
Zero Trust Network Architecture (ZTNA) •Practical knowledge of any combination of
Payment Card Industry (PCI), GDPR, NIST standards,
or ISO27000 series. •At least one industry standard certification such as GSEC, Certified Information Systems Security
Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security
Manager (CISM) or other security vendor certification.
Skills •Team player able to work effectively at all levels of an organization with the ability to influence
others to move toward consensus. •Clear ability to build strong relationships and establish trust with stakeholders at all levels. •Excellent verbal and written communications skills. •Strong leadership skills with demonstrated ability to prioritize and execute in a methodical and
disciplined manner. •Ability to solve complex problems in a timely manner by working with multiple stakeholders. •Ability to manage multiple tasks and work streams effectively. •Ability to follow detailed processes and procedures with a high degree of accuracy. •Customer-focused mindset, with demonstrated skill in managing expectations, providing
proactive status updates, and producing high-quality work products. •Experience of network design, mobile security, network and firewall security technologies and
vulnerability management, scanning. •Knowledge of web application security, browser security models, and application security
vulnerabilities such as the OWASP Top Ten. •Experience managing project through the full system development lifecycle. •Multiple language abilities preferred - fluency in English (written and spoken) required. •Deep understanding of network attacks, DDoS, Phishing, email protocols/security/spam,
encryption, authentication, logging and log analysis, IP and device reputation, and security rules
and policies. •High degree of skill and knowledge in managing and part taking in incident response, Intrusion
Prevention Systems, Intrusion Detection Systems, SEIM, Endpoint security solutions. •Flexibility to travel as required up to 15% overnight travel