No more applications are being accepted for this job
- Our organization works with partner companies to source qualified talent for their open roles. The following position is available to Veterans, Transitioning Military, National Guard and Reserve Members, Military Spouses, Wounded Warriors, and their Caregivers. If you have the required skill set, education requirements, and experience, please click the submit button and follow the next steps. Unless specifically stated otherwise, this role is "On-Site" at the location detailed in the job post.
Security Architect - Houston, United States - VetJobs
Description
Job DescriptionATTENTION MILITARY AFFILIATED JOB SEEKERS
THIS IS A HYBRID POSITION (Remote & Onsite)
This position will be filled as a Security Architect or Security Architect Sr depending on qualifications and experience of the candidate
This position may be filled in The Woodlands TX, New Orleans LA, Jackson MS, or Little Rock AR; Other locations within Entergy's service territory may be considered
Job Summary
The Zero Trust Security Architect utilizes their knowledge of IT and Cybersecurity engineering to lead and/or participate in the development of assigned projects or solutions.
The Zero Trust Security Architect focuses on implementing security requirements for assigned projects and solutions while maintaining compliance with internal and externals policies and regulations.
The Zero Trust Security Architect works closely with the Enterprise Security Architect to ensure projects and solutions are consistent with Entergy's Information Security strategy and roadmap.
The Zero Trust Security Architect provides clear and concise direction to project stakeholders and acts as the "face" of information security for those teams.
Key ResponsibilitiesZero Trust Architect will plan, manage, and coordinate the complex cybersecurity governance activities requiring multi-disciplinary collaboration.
Experience with System Maturity Model.
Participate, lead, and jointly deliver security evaluation reports on cloud providers , cloud native platforms (PCF, Docker, Kubernetes, etc.), and Software as a Service solutions
Zero Trust Knowledge of NIST guidelines and compliance requirements.
Provide domain expertise in both public and private cloud and enterprise technology
Continually evaluate new threats in the cloud, to identify the impact on IT and Business to develop and implement security controls
Knowledge and experience using relevant cybersecurity and analysis tools. Utilize Information Security reference architectures to develop secure solutions and designs for projects
Provide input to policies, procedures, standards, processes, and templates that are consistent with the Cybersecurity strategy and roadmap
Participate in security and non-security projects to ensure that security requirements are defined and implemented
Perform assessments and threat modeling of existing and emerging technologies to ensure they meet Entergy security and compliance requirements
Evangelize and advocate for information security with stakeholders
Monitor emerging trends in Information Security and technology and make or suggest changes to Entergy's security posture as necessary
Additional Qualifications/Responsibilities
Education needed
Bachelor's degree in computer science, cybersecurity, information systems, engineering or a related discipline or equivalent work experience. Master's degree is a plus.
Experience needed
Security Architect Sr : 5+ years of full-time dedicated experience in Cloud Security roles focused on delivering security on cloud native, distributed architectural solutions in complex environments
Security Architect : 3+ years of full-time dedicated experience in Cloud Security roles focused on delivering security on cloud native, distributed architectural solutions in complex environments
Experience in defining security standards and reference architectures used to guide technical resources in secure system implementation and configuration for enterprise systems
Familiarity with predominant public cloud providers
Understanding of Industry trends in Zero Trust Identity
Experience working with outsourced teams
Experience in working in partnership with colleagues throughout the enterprise
Minimum Knowledge, Skills, and Abilities needed
Familiarity with technologies commonly utilized within an enterprise IT and OT environment
ZeroTrust Knowledge of NIST guidelines and compliance requirements.
Strong knowledge of multiple information security domains with an emphasis in Cloud services
Operating systems (*nix, Windows, IOS, etc.)
Networking and network security
APIs
Secure coding/application security
Vulnerability Management
SIEM
Identity and Access Management
Penetration testing
Scripting (Python, PowerShell, Perl, etc.)
Security process and control development
Endpoint protection technology
OT systems and protocols
Smart Grid technology
Some knowledge of IT Security regulations and guidance such as NIST, FISMA & ISO27001
Technical knowledge of complex enterprise IT systems.
Familiarity with The Open Group Architecture Framework (TOGAF), Open Web Application Security Project (OWASP), Open Security Architecture, National Institute of Standards and Technology (NIST) Cloud Computing Reference Architecture, or other architecture frameworks
Able to be hands-on with technical engineering and process management skills and the ability to advocate positive transformation within the broader information technology organization
Able to design & develop reference architectures
Able to design and develop an API based services layer for consistent integration with the security systems
Knowledge of security, risk, and control frameworks and standards such as ISO 27001 and 27002, SANS-CAG, NIST, FISMA, COBIT, COSO and ITIL
Strong writing and analytic ability
Strong ability to communicate across the enterprise concisely and effectively
Available to travel
Self-motivated, with the ability to manage and follow up on multiple tasks simultaneously
Capable of meeting deadlines
Organizational and time management skills
Certifications
ISACA or ISC2 certification, such as CISSP, CISM, CISA are a plus
OSCP is a plus
#J-18808-Ljbffr