TITLE: Security Architect
LOCATION: Jacksonville, FL 32202
TERM: 6 months contract
- Identify and communicate risks to Technology owners to promote a robust cyber risk management program to proactively triage and remediate flaws in Information Technology and Operational Technology systems.
- Conduct active and passive penetration testing on Information Technology and Operational Technology environments.
- Engage with Technology and Engineering teams to explain results and provide guidance on remediation of identified vulnerabilities.
- Lead the Vulnerability Management activities within the Information Security Working Group, a cross functional team of Technology Operations and Applications team members responsible for reducing the cyber attack surface of systems.
- Coordinate testing efforts of external red teaming and penetration teams.
- Research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software, and analyze its impact on the existing environment; provide technical and managerial expertise for the administration of security tools.
- Manage production issues and incidents, and participate in problem and change management forums
- Assist with the resolution of negative audit findings reported by internal or external auditors.
- Bachelor’s degree from an accredited institution required in Computer Science, Computer Engineering, Software Engineering, Information Systems/Technology, or related major field of study.
- 5 or more years of experience in Information Security with focus specifically on Security Architecture, Security Operations, Cryptography, Network Security or Security Forensics
- Equivalent Minimum Qualifications
- High School diploma/GED
- 7 or more years of experience in Information Security.
- Master's degree from an accredited institution required in Security, Computer Science, Computer Engineering, Software Engineering, Information Systems/Technology or related major field of study.
- 3 or more years of experience in Information Security with focus specifically on Security Architecture, Security Operations, Cryptography, Network Security or Security Forensics.
- Past experience in a leadership/senior role in Information Security Management
- (ISC)² Certified Information Systems Security Professional (CISSP)
- Other Certifications/Licenses: CompTIA Security+, GIAC Information Security Fundamentals (GISF), (ISC)2 Systems Security Certified Practitioner (SSCP), EC-Council Certified Ethical Hacker (CEH), (ISC)² Certified Information Systems Security Professional (CISSP), GIAC Web Application Penetration Tester (GWAPT), Offensive Security Certified Professional (OSCP)
Knowledge and Skills:
- Network penetration testing and manipulation of network infrastructure
- Mobile and/or web application assessments
- Shell scripting or automation of simple tasks using Python
- Developing, extending, or modifying exploits, shellcode, or exploit tools
- Knowledge of application technology security testing (white box, black box and code review)
- Adheres to and improves upon company Information Security policies and procedures; mastery of core technical concepts; supports and assists in response to security events and escalations; may provide disaster recovery support; responsibilities may extend beyond day-time business hours, including on-call rotation
- Technical agility and strong analytical skills.
- Knowledge of mainstream operating systems (for example, Microsoft Windows and Linux) and a wide range of security technologies, such as network security appliances, identity and access management systems, anti-malware solutions, automated policy compliance and desktop security tools
- Knowledge of network infrastructure, including routers, switches, firewalls and associated network protocols and concepts
- Strong written and verbal communication skills
- Strong analytical skills
Apply to MATRIX today!