Cyber Defense Security Architect

About The Position

Requirements

• Minimum requirements include a college or university degree in related field.
• Minimum requirements include knowledge and skills developed through 7+ years of work experience in a related job discipline.
• Certified Information Systems Security Professional (CISSP) - International Information System Security Certification Consortium
• SANS GIAC Certification - Global Information Assurance Certification

Nice To Haves

• Bachelor of Science in a related field such as Computer Science, Information Science, and Security is strongly preferred.
• A minimum of four years of experience in Information Technology is strongly preferred.
• Advanced experience utilizing one or more of the following technologies: CrowdStrike, Qradar, Rapid7, BigFix, and JAMF.
• Advanced experience in handling incidents and responding to cyber threats.
• Ability to respond to changing priorities and operate effectively in a dynamic, demand-based environment, requiring extreme flexibility and responsiveness.
• Ability to weigh business needs against security concerns.
• Ability to conceptualize a course of action and to organize for the successful completion of that action is critical, often under tight deadlines.
• Ability to present information consistently and concisely.
• Ability to communicate in a personally effective and socially appropriate manner.
• Advanced knowledge in performing server and application administration.
• Advanced knowledge of data communication concepts and network/software configuration management.
• Advanced experience providing customer service.
• Ability to communicate in writing.
• Ability to communicate orally.
• Ability to condense complicated issues into simple summaries that can be understood by a variety of constituents.
• Ability to create and deliver presentations.
• Ability to develop and manage interpersonal relationships.
• Ability to exercise absolute discretion regarding confidential matters.
• Ability to follow written and/or verbal instructions.
• Ability to give directions.
• Ability to handle sensitive matters with tact and discretion.
• Ability to handle stressful situations.
• Ability to learn and develop skills.
• Ability to maintain a high level of alertness.
• Ability to pay attention to detail.
• Ability to perform multiple tasks simultaneously.
• Ability to prioritize work and meet deadlines.
• Ability to react effectively, quickly, calmly, and rationally during conflicts and emergencies.
• Ability to train or teach others.
• Ability to work effectively and collegially with little supervision or as a member of a team.
• Ability to work independently.
• Ability to work with frequent interruptions.
• Ability to work with people from diverse cultures and backgrounds.
• Active listening skills.
• Critical thinking skills.
• Decision-making skills.
• Editing and proofreading skills.
• Independent motivation.
• Interpersonal skills.
• Organizational skills.
• Planning skills.
• Problem-solving skills.
• Quantitative and analytical skills.
• Reasoning skills.
• Time management skills.

Responsibilities

• Automate Windows, Linux, and macOS patch management programs to ensure timely and effective mitigation.
• Monitor organizational assets and security defenses for cybersecurity risks, including proactive identification, assessment, and mitigation.
• Lead and champion business process analyses and recommends process and infrastructure improvements.
• Lead and manage the unit’s vulnerability management program, overseeing vulnerability assessment, remediation efforts, and ongoing improvement of security posture.
• Conduct scheduled and ad hoc security audits, run vulnerability scans, and ensure rigorous compliance with institutional security policies and regulatory requirements.
• Analyze log data, using a SIEM, performing traffic and data flow analysis to detect cyber-attacks and suspicious activities.
• Lead incident response operations, including recovering from security incidents using a standard workflow that limits damage, reduces recovery time, and minimizes cost.
• Deploy, configure, and manage security infrastructure (Ex, Lock Path, Rapid 7, Qradar, BigFix, and CrowdStrike).
• Lead and coordinate escalations and follow-ups to ensure timely and successful resolution of issues.
• Facilitate post-incident reviews and lessons learned for security incidents and root cause analysis for operational deficiencies with security infrastructure (e.g., system outages, etc.).
• Develop, maintain and enhance the incident response playbook, standard operating procedures, and documentation to ensure operational readiness and resilience across all security functions.
• Lead, foster, and facilitate cross-departmental and cross-enterprise collaboration to resolve complex challenges, ensuring timely and effective communication between stakeholders.
• Serve as a trusted advisor in proactively identifying opportunities to streamline operations and enhance efficiency through systems.
• Partner with unit and BSD leadership to lead and support transformational projects as needed.
• With a deep appreciation for the BSD mission, vision, values, and culture, provides excellent service to clients, enabling them to advance mission critical activities and focus on their core work and outcomes.
• Uses depth and breadth of IT expertise to develop and implement security and compliance policies, guidelines, and safe practices for university-wide computing and networking systems.
• Leads teams to conduct in-depth information technology risk assessments; makes recommendations and designs improvements to IT security procedures.
• Solves complex problems relating to user security needs and supports the implementation of procedures to accommodate them.
• Ensures that user community understands and adheres to necessary procedures to maintain security.
• Performs other related work as needed.

Benefits

• health
• retirement
• paid time off