Cyber Security Architect

  • Contract

Company Description

Cloudskope has been a thought leader at the intersection of transformative technology and business innovation since our inception in 2016.

Headquartered in Dallas, we provide end-to-end digital transformation services that produce undeniable value for many of the world’s most successful companies.

if you love solving problems, engineering ideas, or creating solutions there is a spot for you at Cloudskope.  

Our Culture, Our Ethos

At CloudSkope, we believe that we can individually only excel when the collective is healthy.  Which is why we are commonly described as a family.  We believe that happy employees result in happy customers and we live, breathe, and embody that belief in everything we do. 

In addition to unique experiences and technical expertise we also bring together the best and brightest minds to our team and give them the freedom to innovate. 

At CloudSkope, we are a family that genuinely cares for one another, our clients, and our community — and we have a lot of fun together!

We are shaped by the experiences of our collective team, driven by a shared passion for making a difference, and steadfast in our commitment to integrity and humility in everything we do.  

Every member of our team brings unique perspectives, vision, entrepreneurship, and approaches to doing things.  We help each other, our customers, and sometimes even our competitors- after all- no matter who does the work, a customer will always benefit from it somehow.  

Our contribution to a project usually comes from many of us working together.

 

Job Description


The Cyber Security Architect will be designing, building, testing and implementing security systems within an organization’s IT network. The Cyber security Architect is expected to have a thorough understanding of complex IT systems and stay up to date with the latest security standards, systems and authentication protocols, as well as best practice security products. Responsible for overall planning, direction and oversight of multiple projects, products, services or functions.

Essential Functions:
● Be a product security champion by driving Security Architecture and Design/implementation/optimization for Web, API and Mobile backend applications
● Engage in the initial requirements definition (including analysis of threats and risks and alignment with Corporate security, Engineering, IT and Architecture standards.
● Conduct and facilitate security reviews, threat modelling including deep design reviews throughout the development lifecycle.
● Enable/build security on various platforms and technologies which protect the applications from attacks.
● Help business and Product teams to achieve various compliance certifications like PCI, FFIEC, etc.
● Identify and analyze system and application level vulnerabilities to provide recommended counter measures or mitigating controls that reduce risk to an acceptable and manageable level.
● Independently formulate direction, design or oversight for the development of major Enterprise-wide programs or plans that have significant impact on the success of the organization.
● Conduct regular system tests and ensure continuous monitoring of systems and network security.
● Review current system security measures and recommending and implementing enhancements
● Stay up to date with the latest security systems, standards, authentication protocols, and products
 

Qualifications

What we want you to have:
● Minimum of a Bachelor’s Degree in Computer Science, Information Technology, or other related field
o In lieu of degree, a high school diploma/equivalent with four or more years related experience and/or training or equivalent combination of education and experience will be considered
● 10+ years of work experience in information security and/or IT risk management with a focus on security, performance and reliability
● Strong understanding of security protocols, cryptography, authentication, authorization and security.
● Ability to interact with a broad cross-section of personnel to explain and enforce security measures.
● Experience with application design, penetration testing, application risk and risk categorization.

What we would love for you to have: 
● CISSP, CEH, GCIH, and similar security certifications
● Experience with the vulnerability management lifecycle.
● Deep understanding of current compliance, regulatory and legal requirements relevant to the transaction processing industry such as PCI, HIPPA, SOX, and GLB.
● Knowledge of administrative, physical and technical controls that could be built around networks, systems and applications to secure them.
● A proven record of accomplishment in designing security controls for complex web applications with backend services expertise such as API Gateway, Identity and Access Management Services, Data Protection technologies, Security Information Event Management etc.
● Strong knowledge of deep design review and Secure Development Lifecycle methodologies, Agile based methodologies, middleware platforms, development platforms (Java, C#, .NET etc.).
● Experience working on large scale cloud-based services (including SaaS, PaaS, IaaS) and very understanding of security challenges involved in deploying Cloud Applications
● Technical experience with security technologies including, but not limited to, intrusion detection/prevention, event correlation, firewall, antivirus, anti-spam, policy enforcement, patch/configuration management, usage monitoring, audit, secure application development, etc.

Additional Information

All your information will be kept confidential according to EEO guidelines.