SENIOR CYBER SECURITY ARCHITECT
- The Senior Cybersecurity Architect will play an integral role in defining and assessing the organization's security strategy, architecture and practices.
- This role will apply critical cybersecurity expertise to initiatives across all Moffitt's lines of business.
- The Senior Cybersecurity Architect will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.
- In this role, you will have the opportunity to contribute to program operations and proposal solution development as well as contribute to the cybersecurity posture of Moffitt.
- Develops and maintains a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with the business, technology, and threat drivers.
- Develops and maintains security architecture artifacts (models, templates, standards, and procedures) that can be used to leverage security capabilities in projects and operations; determines baseline security configuration standards for operating systems (e.g., operating system hardening), network segmentation.
- Develops processes and procedures to validate information technology infrastructure, other reference architectures, configurations, and access to cybersecurity infrastructure for industry best practices, and recommends changes to enhance cybersecurity posture and reduce risk where applicable.
- Coordinates with internal and external stakeholders to evaluate proposed statements of work, review high-level design documents, and associated SSAE 16 SOC 1 and SOC 2 audit reports to ensure that adequate security protections are in place and compatible with the current organizational architecture.
- Guide and counsel technical and non-technical teams standards and practices required for all applicable Federal and State regulations based on the classification of the data and business use cases to ensure compliance.
- Often interface with information technology peers, leadership, and business relationship managers to understand, design, and improve cybersecurity as it relates to the various organizational lines of business.
Credentials and Experience:
- High School Diploma/GED
- 12 years of cyber security architecture experience
- Associate’s Degree
- 10 years of cyber security architecture experience
- Bachelor’s Degree
- 8 years of cyber security architecture experience
- Master’s Degree
- 6 years of cyber security architecture experience
- Experience with Cybersecurity programs, specifically Enterprise Security Architecture to include reference security architecture creation, security program assessment, security operations, incident response, forensic analysis, threat intelligence, identity, and access management, data protection, penetration testing, Web application security testing, vulnerability, and risk management
- Act as a solutions-focused business partner to our Architecture, Engineering, DevOps, IT, and Cybersecurity teams Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
- Design, build and implement enterprise-class cybersecurity systems, define and align standards, frameworks, and cybersecurity with business and technology strategy, and identify and communicate current and emerging security threats.
- Proven experience building security reference architecture for cloud deployments and hybrid scenarios.
- Implementation experience with enterprise security solutions such as Wireless Application Firewalls, Intrusion Protection and Detection Systems, Network Access Controls, and Security Information Event Management solutions.
- Cloud Security experience in support of AWS, GCP, and MS Azure cloud hosting environments.
- Experience with the Cyber Kill Chain and enterprise solutions.
- Demonstrated knowledge of HIPAA, PCI DSS, GDPR, and SOC.