Job Description

Our client is a privately held, family real estate development, investment and management firm, headquartered in New York with properties across the United States. Since 1957 we have developed, managed and owned over 40 million square feet of office, residential, hotel and retail space, including the World Trade Center in Downtown Manhattan.

Role Overview

As a candidate for this role, you are able to seamlessly switch from executive?level risk conversations to diving deep into controls and technology to drive high?level strategic discussions around roadmaps and security solutions. You are naturally curious, stay on top of emerging trends and threats, and are not afraid to question any existing processes and solutions while maintaining a keen sense of business value proposition and focus on the right priorities. You thrive in a fast?paced, technologically forward?leaning team that is willing to push the boundaries of security capabilities.

You want to

• Deliver and provide secure solutions.
• Identify gaps and provide suggestions for remediation, working with others to drive and deliver security controls.
• Enhance the process and procedures.
• Be viewed as the SME.
• Continually learn and tackle new responsibilities; implement, review, and enhance current solutions.
• Identify and automate repetitive tasks.

Your approach to the following questions will be highly determinative of our choice to review your application

• How would you evaluate a system or service that has suspicious communications and what tools or techniques would you use?
• Explain how you would identify and map a network.
• How would you assess a system or service to ensure alignment with NIST CSF?

Planning and Design Activities

• Develop and maintain a security architecture process that aligns with business, technology and threat drivers.
• Develop security strategy plans and roadmaps based on sound enterprise architecture practices.
• Maintain security architecture artifacts (models, templates, standards, and procedures) for project and operations use.
• Determine baseline security configuration standards for operating systems, network segmentation, and identity and access management (IAM).
• Develop standards and practices for data encryption and tokenization based on data classification criteria.
• Develop standards for Data Loss Prevention and role?based access controls.
• Draft security procedures and standards for review by the Director of Cyber Security.
• Establish a taxonomy of indicators of compromise (IOCs) and share this detail with technology group contributors.

Assurance

• Track developments and changes in the digital business and threat environments to ensure adequate coverage in strategy plans and architecture artifacts.
• Validate IT infrastructure and reference architectures for security best practices and recommend enhancements to reduce risks.
• Validate security configurations and access controls for tools such as firewalls, IPSs, WAFs and anti?malware/endpoint protection systems.
• Conduct or facilitate threat modeling of services and applications tied to risk and data.
• Maintain a complete, accurate inventory of all systems that should be logged by SIEM or log management tools.
• Coordinate with DevOps teams to promote secure coding practices and address poor coding concerns.
• Review network segmentation for least privilege access.
• Review new deployments for alignment to Zero Trust.
• Support testing and validation of internal security controls.
• Review security technologies, tools, and services and recommend them to the broader security team based on security, financial, and operational metrics.
• Assist in conducting security assessments of vendors (SaaS, IaaS, MSPs).
• Coordinate assessment of operational technology (OT) and IoT systems.
• Collaborate with cross?functional teams to share best practices.
• Participate in application and infrastructure projects to provide security?planning advice.
• Work with the internal audit team to evaluate security?related controls.
• Provide technical guidance and training for junior security staff.

Collaboration

• Assist in vendor security assessments (SaaS, IaaS, MSPs). Evaluate the statements of work and adequacy of security protections.
• Assess SSAE 16 SOC 1 and SOC 2 audit reports for security?related deficiencies and required user controls.
• Coordinate with operational and facility management teams to evaluate OT and IoT system security.
• Collaborate with cross?functional teams to share best practices and insights.
• Participate in application and infrastructure projects to provide security?planning advice.
• Assist the internal audit (IA) team in evaluating the operational effectiveness of security controls.
• Provide technical guidance and training to junior security staff.

Requirements

A successful Cybersecurity Architect candidate will have the expertise and skills described below.

• Bachelors or masters degree in computer science, information systems, cybersecurity, or a related field.
• Minimum 5 years of security experience in a similar role.
• Minimum 3?5 years of IT Sysadmin, application programming, or network security experience.

Security and Technical Experience

• Hands?on experience managing security infrastructure (email security, firewalls, IPSs, WAFs, endpoint protection, SIEM, and log management).
• Experience reviewing application code for security vulnerabilities.
• Experience securing CI/CD pipelines.
• Hands?on experience with vulnerability management tools.
• Documented experience using threat?modeling methodologies on new applications and services.
• Experience designing deployment of applications and infrastructure into public cloud services.

Full?stack knowledge of IT infrastructure

• Applications
• Databases
• Operating systems Windows, Linux, macOS
• Hypervisors VMWare

IP networks WAN and LAN

• Network routing, segmentation and discovery
• Analysis of network traffic using Wireshark or NMap

Direct experience designing IAM technologies and services

Active Directory, Lightweight Directory Access Protocol (LDAP), Amazon Web Service (AWS) IAM, Zero Trust, PAM (e.g., CyberArk, Thycotic, Beyond Trust)

Working knowledge of IT service management

• Change management
• Configuration management
• Asset management
• Incident management
• Problem management
• Experience with NIST Cybersecurity Framework (CSF), CIS Controls

Certifications

• CISSP, CISA, GAIC

Knowledge and Skills

• Strong analytical and troubleshooting skills
• Strong organizational and prioritization skills
• Excellent oral and written communication skills
• Knowledge of Microsoft Windows operating environments
• Knowledge of Active Directory, Group Policy, and Intune
• Knowledge of the MITRE ATT&CK Framework, cyber kill chain, IOCs, IOAs, and TTPs
• Strong scripting skills (PowerShell and Python)
• Knowledge of cloud platforms: Azure, GCP, and AWS
• Knowledge of Palo Alto, Cisco, Aruba
• Understanding of process automation

Personal Characteristics

• Confident, energetic self?starter with strong interpersonal skills
• Self?motivated with a high sense of urgency and personal integrity
• Team player who works synchronously with department members

Position Details

Employee Work Schedule: Full?time Remote: No Relocation: No Salary: Not Specified

How to Apply

Position is expired. Thanks for your interest.

Job Tags

Similar Jobs