Nesco Resource
Enterprise Security Architect
Nesco Resource, Milwaukee, Wisconsin, United States, 53244
Summary:The Enterprise Security Architect will design, implement, and maintain our security architecture while developing, reviewing, and guiding information security solutions across all business units, collaborating with stakeholders and teams throughout the organization. This role is responsible for guiding information security controls into business and technology processes, overseeing threat modeling products and services, identifying and remediating risks for externally sourced and internally developed software, and partnering with development teams to implement secure software development practices.
Responsibilities:Act as a subject matter expert for security design, configurations, baselines, and technical standards.Stay informed about emerging security practices and standards.Respond to and investigate security incidents, providing thorough post-event analyses.Verify security systems through the development and implementation of test scripts.Conduct regular security testing, monitoring, and implement necessary enhancements to maintain a strong security posture.Collaborate with senior leadership to define security requirements, effectively communicate results, and assess security risks.Enhance the Security team's capabilities of delivering solutions and answering technical questions.Plan, research, and design comprehensive security architecture for enterprise Technology Services systems, aligning with business strategies and requirements.Define security (functional and non-functional) requirements aligned with business objectives.Work with stakeholders to select, evaluate, design, and document enterprise security solutions.Support the development of security standards, reference architectures, patterns, and guidelines for consistent security posture.Assess the effectiveness of security controls (data protection, identity and access management (IAM), detective controls, infrastructure/network security, incident response) and drive implementation of appropriate controls, processes, and remediation of non-compliance.Research and advocate new technologies, architectures, and security products to enhance the organization's security maturity roadmap.Perform other position-related duties as assigned.Requirements:Experience building test environments to simulate real-world security situations.Experience securing cloud containers and serverless functions.Experience working with Secure Access Service Edge (SASE).Experience working with Identity Governance and Administration (IGA).Experience implementing Zero Trust security.Knowledge of the latest cybersecurity threats and defense mechanisms.Knowledge of data security techniques and best practices for protecting data at rest, in transit, and in use.Knowledge of IAM, access control models, authentication methods, and authorization principles.Knowledge of application security, including secure coding practices, vulnerability assessments, and penetration testing methodologies.Seven years or more of work experience designing and building enterprise-level security architecture and engineering environments.Experience working with cloud security architectures (Azure, AWS).Experience working with advanced security controls and technologies (e.g., SIEM, CASB, Data Loss Prevention (DLP)).Experience integrating security throughout the software development lifecycle (SDLC).Experience with secure architecture principles, secure SDLC, and security device management (installation, configuration, troubleshooting).Experience working with and resolving network attacks, phishing, spam email, encryption, authentication, logging and log analysis, and device reputation.Education:Bachelor's degree in computer science, technology services, or a related field.
Nesco Resource offers a comprehensive benefits package for our associates, which includes a MEC (Minimum Essential Coverage) plan that encompasses Medical, Vision, Dental, 401K, and EAP (Employee Assistance Program) services.Nesco Resource provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
#J-18808-Ljbffr
Responsibilities:Act as a subject matter expert for security design, configurations, baselines, and technical standards.Stay informed about emerging security practices and standards.Respond to and investigate security incidents, providing thorough post-event analyses.Verify security systems through the development and implementation of test scripts.Conduct regular security testing, monitoring, and implement necessary enhancements to maintain a strong security posture.Collaborate with senior leadership to define security requirements, effectively communicate results, and assess security risks.Enhance the Security team's capabilities of delivering solutions and answering technical questions.Plan, research, and design comprehensive security architecture for enterprise Technology Services systems, aligning with business strategies and requirements.Define security (functional and non-functional) requirements aligned with business objectives.Work with stakeholders to select, evaluate, design, and document enterprise security solutions.Support the development of security standards, reference architectures, patterns, and guidelines for consistent security posture.Assess the effectiveness of security controls (data protection, identity and access management (IAM), detective controls, infrastructure/network security, incident response) and drive implementation of appropriate controls, processes, and remediation of non-compliance.Research and advocate new technologies, architectures, and security products to enhance the organization's security maturity roadmap.Perform other position-related duties as assigned.Requirements:Experience building test environments to simulate real-world security situations.Experience securing cloud containers and serverless functions.Experience working with Secure Access Service Edge (SASE).Experience working with Identity Governance and Administration (IGA).Experience implementing Zero Trust security.Knowledge of the latest cybersecurity threats and defense mechanisms.Knowledge of data security techniques and best practices for protecting data at rest, in transit, and in use.Knowledge of IAM, access control models, authentication methods, and authorization principles.Knowledge of application security, including secure coding practices, vulnerability assessments, and penetration testing methodologies.Seven years or more of work experience designing and building enterprise-level security architecture and engineering environments.Experience working with cloud security architectures (Azure, AWS).Experience working with advanced security controls and technologies (e.g., SIEM, CASB, Data Loss Prevention (DLP)).Experience integrating security throughout the software development lifecycle (SDLC).Experience with secure architecture principles, secure SDLC, and security device management (installation, configuration, troubleshooting).Experience working with and resolving network attacks, phishing, spam email, encryption, authentication, logging and log analysis, and device reputation.Education:Bachelor's degree in computer science, technology services, or a related field.
Nesco Resource offers a comprehensive benefits package for our associates, which includes a MEC (Minimum Essential Coverage) plan that encompasses Medical, Vision, Dental, 401K, and EAP (Employee Assistance Program) services.Nesco Resource provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
#J-18808-Ljbffr