[24]7 Inc - Senior Infrastructure Cyber Security Architect

Job Description

The Senior Infrastructure Cybersecurity Architect shall be responsible for ensuring the Information Security, Compliance, and Business Continuity needs of [24]7 across all its Business units and Geographies. The position will provide leadership and support for incident response engagements, client security assessments, regulatory control assessments and numerous other assignments relating to cyber security consultations.

Requirements:

- Should have experience managing security and compliance for SAAS, PAAS environments.

- Should have thorough knowledge on Security and compliance risks and counter measures associated with Cloud (Public, Private, and Hybrid)

- Knowledge and understanding of AWS and Azure implementations

- Should have broad technical foundation and can understand network, operating system, database, and application development design and support as necessary to be able to analyze issues and recommend solutions for the detection, remediation, and prevention of security vulnerabilities

- Experience and expertise in evaluating Server, LAN, WAN, VPN, Firewall, etc. implementation, architecture, and design. Be able to communicate positive feedback, concerns, and recommendations to a broad range of technical and non-technical staff in ways that are simple and easy to use and understand

- Able to put together security, compliance and privacy specific requirements for different infrastructure related implementation including, Local Area Networks (LANs), Wide Area Networks (WANs), WIFI, IPS, DLP, SIEM, Virtual Private Networks (VPNs), 2-Factor Authentication, FIM, Routers, Firewalls, and other security infrastructure components

- Should have experience with managing security incidents. Be able to lead the response to one or more security incidents. Be able to coordinate and manage resolution to current or potential threats, incidents, or vulnerabilities

- Be able to review and decipher security event logs and alerts from different systems and tools including, Application, Database, Firewalls, IDS/IPS, SIEM, DLP etc.

- Assists IT, Cloud, and Cybersecurity team members with the implementation and tuning of policies across different infrastructure system/services, including IDS/IPS, SIEM, FIM, DLP, etc.

- Experience in designing and reviewing security controls for large cloud based deployments (both Public and Private).

- Should have experience with business continuity planning, auditing, and risk management, as well as contract and vendor negotiation.

- Should have broad knowledge of security policies and practices, including ISO 27001 and Payment Card Industry (PCI)

Reasonable technical understanding in the following areas:

- Cloud/virtualization security,

- Server/OS security,

- Identity and access management,

- Network security

- Ability to work under pressure, and deliver to deadlines, on a self-driven basis

- Logical thinker, strong analysis, problem assessment and resolution oriented

- Strong achievement focus i.e. high energy levels and commitment to ending result

Job Responsibilities:

- Work with the CISO to set the strategic direction and planning for Information Security, including annual and long term security and compliance goals.

- Manage the overall global infrastructure security strategy and establish company-wide standards and controls, including directing updates or creation of related policies, procedures, programs, and guidelines to ensure company-wide information security and assurance.

- Oversee incident response planning and exercises, the investigation of security breaches, the review of investigations after breaches or incidents, including impact analysis and recommendations.

- Work directly with the client services team, information security manager, and clients to answer security and compliance related questions and develop internal resources for frequently asked questions

- Lead technical risk assessments for new and existing services

- Translate corporate, client, and regulatory compliance requirements to current and future capabilities, products, and projects.

- Take ownership of key partnerships with 3rd party security service and technology product vendors and partners.

- Work with outside consultants to complete independent industry standard information security certifications.

- Ensure compliance with the changing laws and applicable regulations.

- Coordinate and track all information technology and security related audits including the scope of audits, units involved, timelines, auditing agencies, and outcomes.

- Oversee the continuous monitoring and protection of [24]7 Crown jewels.

- Evaluate suspected security breaches, work with subject matter experts, and recommend corrective actions.

Qualifications:

- B.S. or M.S. Computer Science or related field