Summary
Cybersecurity Architects’ are a group of professionals who ensure that systems, services, applications, and infrastructure work reliably and securely. The Cybersecurity Architect is expected to have a beginning to moderate understanding of complex IT systems and stay up to date with the latest security standards, systems, and authentication protocols, as well as best practice security products.
For this role, applicants should be proficient in assessing application security. This includes an understanding of the security software development lifecycle (SDLC), as well as being proficient in at least one programming language.
Essential Duties and Responsibilities:
Core Requirements:
- Familiarity with the secure SDLC
- Proficiency in at least one programming language
- Experience conducting code reviews from a cybersecurity perspective
- Familiarity with the OWASP Top 10 (e.g., XSS, CSRF, etc.)
- Experience with OAUTH and ADFS
- Experience conducting security assessments, including assessing the security of third-party vendors
- Stay up to date on the latest security and industry trends including their compliance requirements
- Maintain knowledge of cybersecurity frameworks such as NIST and CIS and other security technology by attending workshops and reviewing publications
- Responsible for overseeing the security controls for the company with minimal oversight
- Responsible for designing and implementing new security technologies with minimal oversight
- With minimal oversight, provide training to other members of the team
- With minimal oversight, maintain complex project tasks and interface with various teams
- Provide thoughts on and assist in developing new features to be added to the SIEM
- With oversight, identify and design new security policies for the organization
- With minimal oversight, assist in maintaining PCI compliance of the organization
- With minimal oversight, assist in the design and implementation of a vulnerability management program
- With minimal oversight, aid in the design, implementation, and enhancement of the security awareness program
- Effectively deal with rapid change in a positive manner
- Assist in process improvements to enhance the efficiency of current operational procedures
- Coordinate relations with and serve as a liaison between business and IT staff
- Assist in developing short-term and long-term department goals which support long-term strategic goals
- Ensure the coordination and communication of production changes
- Participate in all company/location driven communication efforts, including huddles, department meetings, and other related efforts
- Maintain a positive and professional working relationship with peers, management, support resources, and the community with a constant commitment to teamwork and exemplary customer service to present a professional image of D&H Distributing
- Perform all other duties as assigned by management in a professional and efficient manner
Preferred Skills:
· Proficiency in web development, .NET, and/or Java
· Familiarity with API security best practices
· Experience conducting code reviews from a cybersecurity perspective
· Ability to design and support the implementation of security as part of the continuous deployment process
KNOWLEDGE, SKILLS, and/or ABILITIES
- Exceptional verbal and written communications skills
- Effectively communicate complex technological issues in business terms at any level within the organization
- Respond to customer inquiries, effectively communicate critical problems and discuss resolutions with management
- Highly self-motivated and directed
- Ability to prioritize and execute tasks in a high-pressure environment and make sound decisions in emergency situations
- Ability to lead complex initiatives and project teams with supervision
- Ability to communicate topics and concepts to the team and a diverse audience
- Ability to handle multiple overlapping projects and competing deadlines with minimal oversight.
- Strong time management, attention to detail, and communications skills
Education and/or Experience
- Associates degree in Cybersecurity or similar area of study required or equivalent years of related work experience
- Bachelor’s degree in Cybersecurity or similar area of study preferred
- At least 3-5 years of experience in cybersecurity with application security preferred
- Industry certifications (CSSLP, CASE, CEH, Security+, CISSP, GWEB, , CCNA Security or similar) preferred
- Scripting experience in PowerShell, Python or Perl preferred
