Cyber Security Architect

We are seeking a highly experienced Senior Cyber Security Architect to join our team. The successful candidate will possess a unique blend of cloud architecture expertise, cybersecurity penetration testing experience, and leadership skills to mentor our cybersecurity team. This individual will play a critical role in developing and implementing our cybersecurity program, performing architecture reviews, and providing consultative guidance to secure our systems and applications. This individual will be a working cybersecurity expert and will be required to architect secure systems and solutions.

• Conduct system exploits and security testing for web applications, servers, and desktops to identify vulnerabilities and provide recommendations for remediation and hardening.
• Develop and implement a comprehensive cyber security program to protect our organization's assets and data.
• Strong VISIO, Draw.io, or other diagraming tools with the ability to create robust logical diagrams.
• Perform architecture reviews to ensure the security and integrity of our systems and applications, and provide guidance on secure design principles and best practices.
• Collaborate with technical owners to secure products and services, providing cyber security consulting expertise and guidance on secure development lifecycle practices.
• Utilize automated penetration/breach attack simulation products to identify vulnerabilities and weaknesses, and provide recommendations for remediation.
• Perform threat hunting activities to detect and respond to potential security threats.
• Design and implement automation scripts and tools to streamline cyber security processes and improve efficiency.
• Strong knowledge in SIEM technologies to help data science team build high fidelity alerts.
• Mentor and lead our cyber security team, providing guidance and expertise to help them develop their skills and knowledge.
• Stay up-to-date with emerging threats, technologies, and trends in cyber security, and apply this knowledge to improve our organization's cyber security posture.

• 8+ years of experience in cyber security, with a focus on cloud architecture, penetration testing, and security consulting.
• 5 years' experience conducting comprehensive security assessments of web applications and APIs, simulating real-world attacks using tools such as Burp Suite, ZAP, and Postman to identify and exploit vulnerabilities (e.g., SQL injection, XSS, CSRF).
• 5 years' experience performing penetration testing and red team exercises on systems, networks, and applications using tools like Metasploit and Cobalt Strike, delivering actionable remediation strategies and recommendations to enhance overall security posture.
• Strong knowledge of system exploitation and security testing methodologies, including web application security testing and vulnerability assessment.
• Strong understanding of the Windows, Linux and Macintosh operating systems relevant to hardening (Registry, configs, stigs)
• Experience with automated penetration/breach attack simulation products (such as Pentera, Horizon3, Cimulate, AttackIQ, Verodin)
• Strong understanding of cloud security architecture, including AWS, Azure, or Google Cloud Platform.
• Experience with cyber security frameworks and standards, such as NIST, ISO 27001, or PCI-DSS.
• Strong leadership and mentoring skills, with the ability to lead and guide a team of cyber security professionals.

• Advanced degree in Computer Science, Cyber Security, or a related field.
• Industry-recognized certifications, such as OSCP, CEH, or CISSP.
• Experience with security orchestration, automation, and response (SOAR) tools.
• Familiarity with DevSecOps practices and tools, such as Jenkins, Docker, or Kubernetes.
• Experience with threat intelligence platforms and threat hunting tools.
• Excellent communication and interpersonal skills, with the ability to communicate complex technical concepts to non-technical stakeholders.