Working in a fast paced, highly technical startup environment, design new security solutions and recommend security controls, designs and technical standards for new IT solutions.

Provide technical security architecture guidance on varying IT solutions. Role will be primarily focused on solution design, but with a very technical focus and a small amount of engineering responsibilities.

 Translate business and regulatory requirements into solutions that work in an agile startup environment.

Major Responsibilities: 

• Act as a senior advisor/ technical lieutenant to the CISO

• Develop security design standards and patterns that support risk and compliance objectives

• Review proposed IT solutions and identify risks

• Create network and data flow documentation

• Act as technical security liaison between multiple groups to provide security design and architecture guidance

• Draft technical artifacts, process and procedure

• Research, design and support implementation of security toolsets such as SIEM, PKI, forensics capabilities, and other security technologies as needed.

• Provide mentoring and training; act as a leader within the security team

• Lead and/or participate in security projects

• Collaborate with security/system administrators on implementation of solutions

Experience:

• 5+ years as a technical security practitioner/security architect

• Strong knowledge of cloud and virtualization technologies and platforms. (AWS preferred)

• Experience in software development continuous integration and continuous deployment environment.

• Networking and Unix/Linux skills

• Logical access/ identity management, secure remote access

• Familiarity with database and operating system security

• Some experience with hands on administration of network devices, systems and/or security devices

• Understanding of Firewalls, Encryption and PKI, Intrusion Detection Systems, Security Information and Event Management (SIEM), Data Loss Prevention (DLP), Web Application Firewalls, Advanced Malware Defense Appliances, DDOS Prevention, Application Whitelisting, and Network Packet Capture Solutions.

• Strong interpersonal skills and expert team player with demonstrated ability to build collaborative relationships

• Familiarity with regulated environments and related standard (ISO 27001/2, NIST, FEDRAMP, HIPAA, PCI/DSS, Sarbanes Oxley)

Certifications:

Candidate should possess the CISSP, CEH, SANS GIAC, ISO 27001 lead auditor or similar expert level security certifications. 

Education (minimum/desirable):

Bachelor’s degree and/or masters

Languages:

Excellent written and communication skills in English