Cyber Security Architect

Job Summary

The Cyber Security Architect - Career will report to the VP of Marketing and Business Development, matrixed to the Dewpoint CISO, and participate within Dewpoint's Security organization. Cyber Security Solutions Architects provide overall direction, guidance, definition, and facilitation for developing current and future security architectures to meet Dewpoint's needs, goals, and strategic vision. The role will interface with other architects across all departments, proactively assisting in defining the direction for future products.

Key Job Responsibilities

• Leads and conducts assessments of corporate information systems to ensure compliance with security policies, NIST, CIS, CMMC security controls, PCI-DSS, and applicable state and federal laws and regulations.

• Identifies functionality requirements and performs implementation and advanced security administration of tools.

• Transitions day-to-day support of security tools to information security analysts.

• Establishes control-related standards and procedures and prepares project status reports for senior management.

• Participates in designing and coordinating business resumption and recovery test and evaluation plans from a security perspective, supporting disaster recovery and business continuity plans.

• Identifies potential risk items and subsequent vulnerability remediation in the environment.

• Supports day-to-day monitoring of logs and alerts from firewalls, log management, intrusion detection systems, content filtering controls, etc.

• Participates in forensic analysis and investigation of log alerts and malware.

• Provides advanced security analysis and guidance to the information security analyst and administration team members.

• Provides advanced technical problem-solving in configuring and utilizing all security-enabled applications, systems, and network devices.

• Provides advanced technical analysis of customer requirements and controls.

• Perform other related assigned duties as necessary to complete the primary job responsibilities.

• As a cyber security subject matter expert, working with limited supervision, actively contributing to the design and deployment of solutions that meet Dewpoint and Dewpoint's clients' business needs, focusing on ensuring that these solutions meet the defined security and compliance requirements.

• Defining appropriate levels of documentation to ensure that security and compliance requirements are met.

• Representing the security and compliance tower, participating in the investigation of new service capabilities, and help develop the required materials to enable Dewpoint to operationalize selected products and technologies.

• Lead security assessments and other pre-sales activities as required.

• Offers advice to internal delivery teams and assists with operational responsibilities when needed.

Required

• Bachelor's degree in information technology or related field.

• Minimum 5 to 7 years of experience in Information technology or systems administration.

• Minimum 5 to 7 years of experience in information security.

• CISSP certification required or the ability to obtain one within 12 months of employment.

• Experience with anti-virus software, intrusion detection, firewalls, and content filtering.

• Knowledge of risk assessment tools, technologies, and methods.

• Experience designing secure networks, systems, and application architectures.

• Knowledge of disaster recovery, computer forensic tools, technologies, and methods.

• Knowledge of planning, researching, and developing security policies, standards, and procedures.

• Professional experience in a system administration role supporting multiple platforms and applications.

• Ability to communicate network security issues to peers and management.

• Ability to read and use the results of mobile code, malicious code, and anti-virus software.

• Hands-on experience in a variety of IT technologies such as compute, storage, network, virtualization, cloud, or application development.

• Extensive experience in managing and configuring IT systems, focusing on monitoring and reporting on their security and state of compliance.

• Experience in a range of security products, technologies, and vendors.

• Operational experience in a range of different security areas, such as vulnerability management, anti-virus/ anti-malware systems, ATP, network protection systems (firewall, NIDs/NIPS), and identity management.

• Experience with ITIL foundational processes.

• Understanding of virtualization technologies and how to secure these.

• Experience leading other security, IT operational, or application development resources

• Experience in Leading or assisting with the development of internal Security tabletop exercises

• Good analytical and troubleshooting skills driven by a logical, systematic approach.

• Demonstrated verbal and written skills with the ability to communicate technical concepts to team members.

• Ability to work closely with clients, senior managers, and project managers to design and assist with implementing the solutions' infrastructure-related components.

• Must have a strong desire to drive and adapt to change quickly.

Preferred:

• Degree with Information Security as a major field of study

• Configuration management / device hardening

• Mobile device security

• Experience in formal IT audit activities

Dewpoint Core Competencies

Vision and Strategy - Supports Strategy and Vision and can clearly articulate to their team.

Customer and Team Focus - Builds rapport within and between teams. Develops trusted relationships with customers up through the Director level.

Effective Communicator - Able to convey technical concepts and rationale of ideas and decisions to teams with clarity in multiple ways.

Adaptability - Able to respond to chaos and ambiguity within and between teams.

Accountability - Owns problems, issues, and outcomes within their team. Holds self and others accountable for achieving team results.

Collaboration - Works effectively within and across teams to solve problems and solutioning opportunities.

Critical Thinking - Examines issues, ideas, and situations to impact results and implement improvements.

Coach and Mentor - Coaches others on tools, processes, technologies, best practices, and personal skills such as communication and collaboration.

Measured By

• Successful application and understanding of the core competencies.

Minimum Physical Expectations

• Physical activity that often requires keyboarding, sitting, phone work, and filing.

• Physical activity that often requires extensive time working on a computer.

• Physical activity may require lifting under 25 lbs.

• Physical activity that sometimes requires travel – car, train, and/or air.

• Physical activity that sometimes requires bending, stooping, reaching, climbing, kneeling, and/or twisting.

• Specific vision abilities required include close vision, depth perception, and the ability to adjust and focus.

• Must hear and speak well enough to conduct business over the telephone or face-to-face (in English) for long periods of time.

Minimum Environmental Expectations

• This position will require working indoors. A typical workweek is eight (8) hour workdays, five (5) days per week with some weekend and evening work. Longer hours as needed and if a security threat is detected needing immediate attention.