SENIOR CYBER SECURITY ARCHITECT

Position Highlights:

• The Senior Cybersecurity Architect will play an integral role in defining and assessing the organization's security strategy, architecture and practices.
• This role will apply critical cybersecurity expertise to initiatives across all Moffitt's lines of business.
• The Senior Cybersecurity Architect will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.
• In this role, you will have the opportunity to contribute to program operations and proposal solution development as well as contributing to the cybersecurity posture of Moffitt.

Responsibilities:

• Develops and maintains a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers
• Develops and maintains security architecture artifacts (models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations; determines baseline security configuration standards for operating systems (e.g., operating system hardening), network segmentation
• Develops processes and procedures to validate information technology infrastructure, other reference architectures, configurations and access to cybersecurity infrastructure for industry best practices, and recommend changes to enhance cybersecurity posture and reduce risk where applicable
• Coordinates with internal and external stakeholders to evaluate proposed statements of work, review high-level design documents and associated SSAE 16 SOC 1 and SOC 2 audit reports to ensure that adequate security protections are in place and compatible with current organizational architecture
• Guide and counsel technical and non-technical teams standards and practices required for all applicable Federal and State regulations based on the classification of the data and business use cases to ensure compliance
• Often interface with information technology peers, leadership and business relationship managers to understand, design, and improve cybersecurity as it relates to the various organizational lines of business

Credentials and Experience:

• High School Diploma/GED
  • 12 years of cyber security architecture experience

• Bachelor’s Degree
  • 8 years of cyber security architecture experience

Experience with Cybersecurity programs, specifically Enterprise Security Architecture to include reference security architecture creation, security program assessment, security operations, incident response, forensic analysis, threat intelligence, identity and access management, data protection, penetration testing, Web application security testing, vulnerability and risk management

• Act as a solutions-focused business partner to our Architecture, Engineering, DevOps, IT, and Cybersecurity teams and Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
• Design, build and implement enterprise-class cybersecurity systems, define and align standards, frameworks and cybersecurity with business and technology strategy, identify and communicate current and emerging security threats.
• Proven experience building security reference architecture for cloud deployments and hybrid scenarios
• Implementation experience with enterprise security solutions such as Wireless Application Firewalls, Intrusion Protections and Detection Systems, Network Access Controls and Security Information Event Management solutions
• Cloud Security experience in support of AWS, GCP, and MS Azure cloud hosting environments
• Experience with the Cyber Kill Chain and enterprise solutions
• Demonstrated knowledge of HIPAA, PCI DSS, GDPR and SOC

Licensure/Certification:

• CISSP-ISSAP or similar certification (required within 12 months of date of hire)