Senior Cybersecurity Engineer / USAClick here to shortlist this job 1-CLICK Apply With Employer or Register Now
|Location:||Houston, Texas, USA|
Sr. Cybersecurity Engineer (Vision, Strategy, Engineering and Architecture)
Sr. Cybersecurity Engineer with focus on Vision and Strategy that serves as a subject matter expert (SME) for information-centric security. Protect company information security throughout the information lifecycle.
Responsible to design, build, testing, and implementing security systems within company enterprise ecosystems. The role is expected to have a thorough understanding of complex IT and digital systems, be up to date with cloud and on-premises security and the latest security standards, industry standards, and best practices including industry standard-setting security solutions and products. Provide the business with security requirements according to business goals and strategies to include those achieving security audits, assessments and certifications such as SOC, ISO, GDPR.
Practical knowledge and understanding of key security architectures, platforms, technologies and principles such as: Zero trust security, IaaS, SaaS, PaaS, IaaS (AWS, Azure and more…,) Network Security (NGFW, WAF, REVERS & FORWARD facing proxies, Load-balancing, VPN, FW as a service, 802.1x and 802.11), Secure Web Access, Information Protection, Identity and Access Management, Endpoint Security solutions, Secure Asset Management and BYOD concepts.
- Participate as a member of an international team of experts in the domain of information security and protection.
- Design, Build, Test and Operationalize tools and controls which may include, Network Security, Endpoint Security, Data loss prevention, Data Classification, Business Resilience and Recovery, Access control and monitoring, encryption, masking, and tokenization, Cloud access and cloud security brokers.
- Closely partner with business stakeholders to advocate, discover, plan, communicate, prepare, and deliver appropriate protection for company information.
- Assess and analyze system security landscape, postures, technologies, and vulnerabilities to determine the best courses of action or mitigating controls.
- Direct security implementations and tuning for protective, detective, and reactive responses.
- Lead forward-thinking security concepts for platforms and enterprise architectures that enhance secure ecosystem integrations and avoid compatibility complications
- Leverage company's vendor partnerships, outsourcing entities, and service providers to improve security by identifying, adapting, and enhancing available Cybersecurity capabilities effectively.
- Contribute to the strategy and roadmap protecting information and digital assets.
- Reduce risks to business risk acceptance levels through designing, building, testing, and deploying secure, resilient ecosystems and architectures that leverage best platform designs, including cloud and hybrid.
- Determine information requirements by evaluating business strategies and requirements.
- Reinforce business objectives by matching appropriate security controls to information.
- Identify risks. Offer business appropriate solutions that mitigate or reduce risk.
- Enhance ability to protect, defend, and respond to threats through network, asset, Identity, and data-centric situational awareness.
- Review and analyze existing capability for effectiveness, efficiency, and cost optimization. Seek and identify opportunities to better leverage what works and improve what does not.
- Regularly publish metrics and KPI to track and communicate performance.
Basic / Required Qualifications:
- 7+ years of information security experience including Secure Cloud Architecture
- 7+ years supporting large, complex, business-critical enterprise services including Cybersecurity Operations or Architecture
- 5+ years developing strong influence skills, building trust within the team with the business and IT vendors
- 5+ years implementing agile, resilient, or innovative centric technologies
- 3+ years in a supervisory role
- 3+ years managing operational and capital project budgets
- Advanced oral and written communication skills.
- Experience with delivering and assisting with SOC, ISO assessments and reports.
- Extensive understanding of the following security domains: Cloud Security, Edge Computing, Audit and Monitoring, Risk Response & Recovery, Cryptography, Data Communications, Malicious Code, Computer Operations Security, Telecommunications & Network Security, Security Architecture & Models, Security Management Practices, Investigation & Ethics.
- Solid understanding of security authentication, authorization, auditing, cryptography and security protocols to effect improvements in the security posture across all aspects, including: endpoint security, detection, response, secure asset management and BYOD concepts, DLP, API security. Good knowledge and understanding of Identity and access management concepts (MFA, Federation, SSO, PKI, and so on), Information: discovery, classification, protection, assurance, and destruction.
- Extensive knowledge of industry standards like NIST, ISO, OWASP, CSA including performance, risk management, and reliability
- Preferred Qualifications:
- Bachelor's Degree in Computer Science or related discipline.
- Certifications: CISSP, CISM, Security+, CEH, AWS, MS cloud
- Experience working within an international, complex, large organization
- Able to work effectively in a matrix-management environment.
- Advanced interpersonal, analytical, organizational, and problem-solving skills.
- Understanding of project management knowledge areas.
- Ability to establish and maintain effective working relationships
- Office work environment
- Sponsoring and mentoring environment
- Diversity in workgroups
- Frequent sitting and operating a computer and meeting with customers
- Travel to other company sites may be required (10%)