Proven expertise in mitigating and understanding threat vectors including actor behavior, DDoS, Phishing, Malicious
- Payload, Cloud, Mobile Devices, etc. Understand the cyber threat landscape.
- Proven expertise in building a defense in depth infrastructure security architecture that includes security controls
across multiple technology stack. Ability to champion both conventional and non-conventional methods to protecting an enterprise at scale.
- - Strong knowledge in host based security solutions such as HIPS, Data Loss Prevention (DLP), end point protection,and application whitelisting.
- - Strong knowledge of networking, Unix/Linux, NAS/SAN, virtualization, authentication, cryptography. Must be fully conversant up and down the technology stack.
- - Working experience with IPS, DLP, Firewalls, SIEM, and security assessment tools/methodology (network, systems, and application).
- - Must have solid knowledge and understanding of scripting and secure configurations for mainstream operating systems
- (*nix, Windows, etc.)
- Architecture and solution design experience required to develop infrastructure based detailed design specifications.
- Strong knowledge in enterprise logging and monitoring solutions including monitoring privilege user accounts and sensitive configuration files
- Knowledge of Identity and Access Management, Cloud, and PKI/Certificate Services a plus
- Message driven architecture experience/exposure
- Expert in various patterns of enterprise architecture and best practices, to include data masking, encryption, logging, etc.
- Knowledge of DevOps methods and CI/CD automation practices
- AWS Cloud Services experience; solution delivery expertise, migration of applications to the cloud, automation through
various tools both AWS native and third-party. Serves as a leader in the AWS space for InfoSec interfacing with internal customers and other parts of InfoSec.
Core Specialized Knowledge & Skills
- Implement Configuration Management and Infrastructure as Code (e.g. Chef, CloudFormation, Terraform, Puppet, Ansible)
- Assist with estimating work efforts required for each phase of a project.
- Implement a tools driven and highly automated approach to deliver our key security management processes by exploiting investment in existing tooling and / or identify new tooling.
- Deploy automated security solutions for cloud delivery processes
- Experience in an environment using agile methodology
- Experience not with just pure design, but experience in the actual delivery of projects
- Process analysis and systematic thinking
- Ability to manage resources, coordinate and administer team assignments, monitor team progress, and maintain schedules
- Ability to manage large, cross-divisional Program activities in a complex environment and drive results
- Ability to operate at strategic and tactical levels
- Knowledge and/or experience relating to Outsourcing/Managed Service Provider governance, transition, contract management and performance management
- Experience driving organizational change
- Experience working in a matrixed team environment
- Excellent written and verbal communication skills
- Client/Customer Service Delivery Experience
- Experience in applying best practices related to Stakeholder Management
- Experience researching and evaluating available technologies and standards to meet requirements
- Thrives in a highly regulated, fast paced, and changing environment
- Prior experience in financial services a plus
- Prior experience working with Perl, Bash, Python, XML, REST API, and JSON desired
- IT Security certifications required: CISSP or GIAC equivalent
- AWS certifications desired: AWS Solution Architect
- 5+ years of hands on experience in AWS Space