Security Architect, MCC - LIVE ANYWHERE in United States at Cloud Technology Partners (Boston, MA) (allows remote)
Desired Skills and Experience
- Analyze and design security and compliance solutions for applications and infrastructure, and provide expertise and consulting to clients
- Identify and document information security risks and propose mitigating controls
- Will be responsible for understanding complex business IT needs, requirements, and projects scopes, with a focus on information security and compliance requirements
- Understand and provide guidance on the architectures and solutions to assist clients with addressing regulatory governance and compliance requirements
- Research, identify, design, and develop new information security or compliance controls for clients
- Provide input regarding best practices for the creation of next-generation services focused on addressing and improving client’s governance and compliance requirements
- Assess current IT environments and make recommendations to increase security and compliance capabilities
- Assist clients in troubleshooting and resolving information security and compliance issues
- Author, project, and support documentation and diagrams
- Implement security and compliance solutions
- Must have the ability to travel and work onsite at client locations (typically 50%)
- 5+ years of hands-on experience with:
Identity and Access Management solutions (Ping, Okta, OneLogin) Roles Based Access Control (RBAC) Identity Federation (oAUTH, SAML 2.0, WS-FED) Privileged User Management solutions (Dome9, Centrify, CyberArc, NetIQ, Secret Store) Security Logging and Monitoring solutions (SIEM) (Trend Micro, Splunk, Alert Logic); and Security Vulnerability testing solutions (Nessus, AWS, CIS and OWASP audits)
- Identity and Access Management solutions (Ping, Okta, OneLogin)
- Roles Based Access Control (RBAC)
- Identity Federation (oAUTH, SAML 2.0, WS-FED)
- Privileged User Management solutions (Dome9, Centrify, CyberArc, NetIQ, Secret Store)
- Security Logging and Monitoring solutions (SIEM) (Trend Micro, Splunk, Alert Logic); and
- Security Vulnerability testing solutions (Nessus, AWS, CIS and OWASP audits)
- Knowledge of Cloud Security Alliance (CSA) best practices and guidelines
- Working experience with ISO 27001, CoBIT, SOX and/or other Information Security Management frameworks.
- Demonstrated security platform design and implementation experience
- Proven experience with application security, firewalls, IPS, vulnerability assessment and mitigation, event collection and correlation, auditing, crypto, data loss prevention
- Excellent verbal communication, organizational, presentation and planning skills
- Experience translating business direction into required security and or compliance controls and collaborating from SME to C-Level.
- Bachelor’s Degree in Computer Science, other technical fields
- Experience as a hands-on technical practitioner/specialist in client facing roles in mid-size or large enterprises and demonstrated client facing consulting skills, including building strong client relationships
- Ability to design and implement reliable, scalable, high performing web-based solutions that meet the service levels associated with mission-critical Identity and Access Management based solutions
- Understanding of identity and IAM processes, technologies, standards and industry best practices
- Proven ability to thrive and succeed in a dynamic, fast growing, startup environment
- Strong consultative selling, presentation and negotiation skills
- Ability to thrive in ambiguous/pressure situations
- Sense of Humor!
- Experience with security architecture frameworks in cloud-based environments (e.g., AWS, OpenStack, VMware, etc) is strongly preferred.
- Experience with PCI compliance, PCI Qualified Security Assessor (QSA) is a plus.
- Obtaining Security certifications (CISSP, CISM, CISA etc)