Cyber Security Architect

The Cyber Security Architect I is a senior cyber security practitioner responsible for designing and implementing secure infrastructure solutions across on-premises and cloud environments, ensuring the confidentiality, integrity, and availability of the organization's information assets. This role will provide expert guidance on the secure deployment of infrastructure, as well as integration with existing systems and technologies. The successful candidate will have advanced knowledge of security development life cycle (SDLC) principles and will assist in the development of secure coding practices, scripting, and automation of security controls. Additionally, the Cyber Security Architect I will have experience with red, blue, and purple team activities, providing strategic threat modeling and vulnerability assessment expertise to inform security architecture and design. The goal of this role is to provide technical leadership and expertise in the design and implementation of secure systems, applications, and infrastructure, ensuring the organization's cybersecurity posture is aligned with industry best practices and emerging threats.

• As a Cyber Security Architect, you will have a key role in shaping the organization's cyber security strategy and architecture, and will be responsible for:
• Designing and implementing comprehensive security architectures for on-premises and cloud-based systems, applications, and infrastructure, to ensure the "CIA" triangle of Herc's systems
• Collaborating with cross-functional teams, including development, operations, and engineering, to integrate security into the development life cycle (SDLC) and ensure that security is a core component of all technology projects and initiatives.
• Develop and maintain a deep understanding of our threat landscape and using this knowledge to inform the development of strategic threat models, vulnerability assessments, and risk mitigation strategies.
• Lead the development and implementation of advanced security controls, including automation and orchestration of security processes, and the integration of security tools and technologies with existing systems and infrastructure.
• Provide expert guidance and advice on security-related matters, including compliance, risk management, and incident response, and serving as a subject matter expert on security architecture and engineering.
• Collaborate with the red, blue, and purple team activities to implement advanced threat simulation and vulnerability assessment exercises, and to develop and refine the organization's threat detection and response capabilities.
• Develop and maintain strategic relationships with key stakeholders, including executives, engineers, and external partners, to ensure that security is a core component of all business and technology initiatives.
• Mentor and help increase the abilities of others within the cyber security team and IT organization.

• 7 - 10 years of working cyber security experience.
• Expertise in scripting languages such as Python, Bash, and PowerShell
• Expertise in Cyber Security Incident Response
• Expertise in securing Windows and Linux servers
• Experience in securing cloud solutions
• Very strong knowledge in cybersecurity solutions such as WebAuthN, Fido2, SAML, SSE/ZTNA types of solutions
• Strong GPO knowledge to provide system hardening recommendations.
• A naturally curious mindset, with a passion for learning and exploring new concepts and technologies
• Unquestionable integrity, with a strong commitment to ethics and a willingness to do what is right, even in challenging situations
• Excellent relationship-building skills, with the ability to collaborate and communicate effectively with colleagues across the cybersecurity team and other departments
• A strong ability to adapt to changing priorities and deadlines, with a flexible and agile approach to work
• Must undergo and pass a thorough background investigation, which includes a check of criminal records and a review of financial history to ensure responsible financial management.

Education:

Bachelor's degree or equivalent work experience. A CISSP, CASP+, OSCP, GWAPT or industry-recognized certification is strongly desired for this senior position.

• Advanced scripting skills in languages such as Python, Bash, and PowerShell, as well as the ability to develop complex scripts and automate security processes.
• Cloud security expertise, with strong knowledge of providers such as AWS, Azure, Google, and others, and experience in securing cloud-based systems and applications.
• Operating system security with expertise in securing Windows and Linux systems as well as hardening to promote a deny by default mindset.
• Strong knowledge of cybersecurity solutions such as WebAuthN, Fido2, SAML, SSE/ZTNA, and other advanced security technologies.
• Advanced understanding of GPOs, with the ability to provide system hardening recommendations and implement security configurations.
• Experience with threat modeling and vulnerability assessment tools and techniques, including participating and working with red, blue and purple teams.
• Knowledge of SDLC principles and practices, with experience in integrating security into the development life cycle.
• Familiarity with cybersecurity automation and orchestration.
• Experience with incident response and threat hunting, including knowledge of threat intel, incident response methodologies, and threat hunting tools and techniques.
• Understanding of compliance and risk management frameworks such as NIST, ISO 27001 and others.
• Excellent communication and collaboration skills, with the ability to work effectively with cross-functional teams, including development, operations, and engineering.
• Ability to mentor and lead others, with experience in developing and implementing security training programs and providing guidance and expertise to junior team members.