Freedom Financial Network

Receive alerts when this company posts new jobs.

Similar Jobs

Job Details

Information Security Specialist III - Security Architect

at Freedom Financial Network

Posted: 11/11/2020
Job Reference #: ovIYdfw8
Keywords:

Job Description

Description

Information Security Specialist III – Security Architect

Position Summary:

The Information Security Specialist III – Security Engineer is a technical expert concerned the security controls and tools associated with multiple security domains. With a focus on physical, virtual, and cloud network operations, the Security Engineer envisions, designs, specifies, implements, monitors, and improves upon those controls; ensuring alignment with governing standards (NIST, ISO27001) and compliance with regulatory requirements (SOC, PCI, CCPA). The Security Engineer also fosters automated integration and interoperability across multiple vendors’ security appliances; this integration is not just between those appliances that are deployed within Freedom Financial Network production systems, but also between those internal devices connected to outside parties.

Responsibilities and DutiesAs a tier III professional, you are expected to have expertise in at least 3 of these security engineering domain areas:

  • Cloud Security: Responsible for working with DevOps and Infrastructure teams to analyze and maintain existing structure or create new, secured, cloud environments. A thorough understanding of securing Kubernetes, VPCs, IaaS, PKI, KMS, scripting, APIs, automation tools such as Terraform, and platforms such as AWS, GCP, or Azure.
  • Web Application Security: Responsible for driving security initiatives in the development environment through collaboration with developer teams. Requires knowledge of automated and manual testing tools, API Security, OWASP remediations, working with repositories & branches, Agile & CI/CD methods, writing security stories, and being able to provide technical explanations for both the threat and the remediation to developers. Familiarity with Java, PHP, and Go are a plus.
  • Offensive Security: Responsible for proactive threat hunting and penetration testing of all environments, documentation and reporting of findings, and working with other teams to assist with remediation and re-testing.
  • Network Security: Responsible for Firewalls, IPS/IDS, Proxies, URL Filtering, IP Whitelist/Blacklisting, Geo-fencing, DDoS protection, VPNs, NAC, posturing systems, and other security technologies for both physical and cloud operations.
  • VMware System Security: Responsible for working with Infrastructure teams to analyze and maintain existing structure or create new, secured, virtual environments. Knowledge of the VMware stack, Horizon, Workspace One, and NSX required.
  • System Security: Responsible for working with Infrastructure teams to analyze and maintain existing structure or create new, secured, domain environments. A thorough knowledge of Microsoft domains, including Active Directory, Azure AD, DHCP, DNS, Kerberos, Group Policy, Scripting, Patch Management, Endpoint Management, AV & EDR Tools, FIM tools, SNMP/WMI/Syslog management and monitoring.
  • SIEM/SOC Security: Responsible for SIEM tools feeding SOC operations, including ongoing management, tuning, alert thresholds, initial investigation and validation of threats, and building functional reports to relay threat analytics to stakeholders in a digestible format.
  • Incident Response & Forensics: Accountable for Incident Response handling and forensics using appropriate methodologies to acquire and preserve evidence in a manner consistent with legal requirements for admissible evidence. Ability to perform root cause/post-mortem analysis.

Qualifications and Education Requirements:

  • The desire to LEARN and GROW as part of a TEAM
  • Bachelor's degree preferred
  • 5 + years of enterprise security experience
  • Ability to effectively manage your time and communications.
  • Ability to identify problems, analyze data, present conclusions, and drive changes effectively
  • Knowledge of frameworks, standards, and best practices (i.e. NIST, OWASP, PCI, ISO, COBIT,)
  • CCIE/CCNP Security, CISSP, CEH, CISM or similar certifications

Preferred Skills:

  • Critical Thinking -- Using logic and reasoning to identify the strengths and weaknesses of alternative solutions, conclusions or approaches to problems.
  • Active Listening -- Giving full attention to what other people are saying, taking time to understand the points being made, asking questions as appropriate, and not interrupting at inappropriate times.
  • Writing -- Communicating effectively in writing as appropriate for the needs of the audience.
  • Skilled at communicating and prioritizing threats and vulnerabilities to a diverse audience, and be able to confidently express and assist with proper remediation methods

Application Instructions

Please click on the link below to apply for this position. A new window will open and direct you to apply at our corporate careers page. We look forward to hearing from you!