SENIOR CYBER SECURITY ARCHITECTPosition Highlights:
The Senior Cybersecurity Architect will play an integral role in defining and assessing the organization's security strategy, architecture and practices.
This role will apply critical cybersecurity expertise to initiatives across all Moffitt's lines of business.
The Senior Cybersecurity Architect will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.
In this role, you will have the opportunity to contribute to program operations and proposal solution development as well as contributing to the cybersecurity posture of Moffitt.
Responsibilities:
Develops and maintains a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers
Develops and maintains security architecture artifacts (models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations; determines baseline security configuration standards for operating systems (e.g., operating system hardening), network segmentation
Develops processes and procedures to validate information technology infrastructure, other reference architectures, configurations and access to cybersecurity infrastructure for industry best practices, and recommend changes to enhance cybersecurity posture and reduce risk where applicable
Coordinates with internal and external stakeholders to evaluate proposed statements of work, review high-level design documents and associated SSAE 16 SOC 1 and SOC 2 audit reports to ensure that adequate security protections are in place and compatible with current organizational architecture
Guide and counsel technical and non-technical teams standards and practices required for all applicable Federal and State regulations based on the classification of the data and business use cases to ensure compliance
Often interface with information technology peers, leadership and business relationship managers to understand, design, and improve cybersecurity as it relates to the various organizational lines of business
Credentials and Experience:
High School Diploma/GED
12 years of cyber security architecture experience
Or
Associate’s Degree
10 years of cyber security architecture experience
Or
Bachelor’s Degree
8 years of cyber security architecture experience
Or
Master’s Degree
6 years of cyber security architecture experience
Experience with Cybersecurity programs, specifically Enterprise Security Architecture to include reference security architecture creation, security program assessment, security operations, incident response, forensic analysis, threat intelligence, identity and access management, data protection, penetration testing, Web application security testing, vulnerability and risk management
Act as a solutions-focused business partner to our Architecture, Engineering, DevOps, IT, and Cybersecurity teams and Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
Design, build and implement enterprise-class cybersecurity systems, define and align standards, frameworks and cybersecurity with business and technology strategy, identify and communicate current and emerging security threats.
Proven experience building security reference architecture for cloud deployments and hybrid scenarios
Implementation experience with enterprise security solutions such as Wireless Application Firewalls, Intrusion Protections and Detection Systems, Network Access Controls and Security Information Event Management solutions
Cloud Security experience in support of AWS, GCP, and MS Azure cloud hosting environments
Experience with the Cyber Kill Chain and enterprise solutions
Demonstrated knowledge of HIPAA, PCI DSS, GDPR and SOC
Licensure/Certification:
CISSP-ISSAP