The Cyber Security Architect works with information and operational technology teams to architect, design, implement, maintain, and operate cyber security controls and countermeasures. He or she leads the cyber security team to conduct cyber security assessments, maintain cybersecurity tools and perform network monitoring, conduct awareness training, and maintain cybersecurity documents. Continued emphasis on risk mitigation, metrics, system automation and reporting, compliance, standards, processes, and teamwork is essential to success
Reports to: Vice President of Information Technology
Supervises: Cyber Security Analyst
ESSENTIAL DUTIES AND RESPONSIBILITIES
Architect, design, implement, maintain, and manage information system security controls and countermeasures; identify, analyze and mitigate risks as appropriate. Generate IT security-related reporting and metrics.
Perform analysis, development, and implementation of processes, procedures, and tools to enable continuously auditable compliance with cybersecurity policies and industry best practices.
Conduct periodic and on-demand system audits, risk assessments, vulnerability assessments, and third-party security reviews to ensure that business partners, applications, networks, and infrastructure components adhere to security standards and policies.
Develop and maintain information security documents (policies, standards, baselines, and work instructions)
Implement and maintain cybersecurity tools. Administer and review security systems such as SIEM, FIM, IDS/IPS, Whitelisting, and Anti-malware.
Document and maintain PCI compliance. Actively perform PCI internal self-assessments, quarterly reviews, ad hoc tests and audits.
Respond to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement.
Oversee vulnerability scanning and mitigation. Analyze and assess vulnerabilities in the infrastructure (software, hardware, networks), assist in investigation and implementation of countermeasures to resolve or mitigate detected vulnerabilities.
Research, test, and recommend information security products based on cost/benefit and risk reduction methodologies. Manage budget for cybersecurity spend.
Proficiency in the following areas to include, but not limited to:
Developing security programs and training cooperative employees in electronic security measures
Creating, implementing, testing and reviewing information security protocols, policies and procedures.
Developing and supervising network penetration testing and vulnerability assessments.
Creating and updating Information Technology emergency response plans and incident response plans.
Provide internal security consulting and advisory services to internal business and IT stakeholders regarding information security requirements, security policy/standards, security architecture, threat modeling, and ongoing maintenance of the information security risk management program, including policies, procedures, technical systems, compliance, and risk assessment activity.
Effective leadership skills with ability to make and implement sound business decisions commensurate with responsibilities; demonstrated organizational, prioritization and project management skills to schedule and direct the work of others; analytical and process management skills; demonstrated change management aptitude and ability.
Effective communications skills including written, verbal, and listening for interaction with employees, management, vendors, consultants and others; ability to analyze and interpret job related business periodicals and technical manuals; prepare reports, business correspondence, procedures and training manuals; prepare and conduct presentations to employees, management and others.
Proficiency in the operation of personal computers; computer networking, internet/web security; disaster recovery, MS Exchange; virtualization, active directory/group policy and computer software applications including MS Office products, customer information systems, etc.
Excellent customer service orientation skills; ability to use tact and judgment for interaction with employees, managers, vendors, consultants and others; ability to work independently and productively and results oriented in order to complete assignments and meet deadlines.
Provide backup (second-level) technical support for hardware and software systems, including servers, PCs, mobile devices, LAN, WAN troubleshooting and resolution as necessary. Tests, diagnoses, and resolves problems; analyzes end-user requirements and recommends appropriate solutions.
Research cyber threats to stay aware of emerging exposures. Maintain professional and technical knowledge by attending educational workshops; reviewing professional publications; establishing personal networks; benchmarking state-of-the-art practices; participating in professional societies.
The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not intended to be an exhaustive list of all responsibilities.
The position shall be required to perform any other duties assigned to fulfill the objectives of the Cooperative.
Vendors, Consultants, and Technology Companies: To evaluate and implement software/hardware systems, monitoring, and reporting tools. To design and implement methods and procedures for testing, inspecting, monitoring and reporting. To report software malfunction, resolve hardware and software issues, and to stay up-to-date on current technology. To partner with outside consultants, as appropriate, for independent security audits.
Job Knowledge, Training and Education: Bachelor of Science in Computer Science, Engineering, or equivalent, and five to seven years' experience in the related area as an individual contributor, including one to three years supervisory experience. Proficiency in all relative areas necessary to accomplish essential duties and responsibilities of position. Well-rounded understanding of technology, operations and related business processes. Must have knowledge of PCI compliance requirements. Relevant technical training or certifications in compliance, security, analysis, and design highly desired. Up-to-date knowledge of uses and functions of IT equipment and related programming/technical requirements.
Equipment Operated: All specific equipment related to Information Technology as well as a variety of office equipment, including personal computer, telephone, and printer.
Abilities and Skills: Must be able to perform complicated research, reporting, application and process analysis, and querying of data. Strong attention to detail. Impeccable written and verbal communication skills. Problem Solving, process improvement, project management, and reporting, and.
Physical Effort: Occasional lifting, up to 30 pounds, required. Physical ability in sitting, stooping, pushing, crouching, crawling, reaching, standing, walking, pulling, lifting, using fingers, grasping, talking (English), hearing, extended repetitive motions, defined light level work. Visual acuity in varying situations required.
Working Conditions: Work is performed in an office environment with average to moderate noise levels. Must be able to work irregular hours for assignment completion and flexibility to change scheduling and report to work on short notice during emergency situations. Weekends, evening hours, and overnight travel is occasionally necessary.
For more information, or to apply now, you must go to the website below. Please DO NOT email your resume to us as we only accept applications through our website.
Internal Number: 42626870
BACK TO TOP
MORS Career Center is Just One of the Benefits.
Discover what else MORS Membership has to offer!
The job you are trying to reach from was originally posted at MORS Career Center.