This job has expired, please see additional jobs below
Enterprise Security Architect
AMC Networks
Bethpage, NY, United States
Job Details - this job has expired, please see similar jobs below
OVERVIEW OF ROLE
The Enterprise Security Architect plays an integral role in defining, assessing, and implementing the organization's security strategy, architecture and practices. The enterprise security architect will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.
KEY DUTIES AND RESPONSIBILITIES
Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers Develop security strategy plans and roadmaps based on sound enterprise architecture practices Participate in application and infrastructure projects to provide security-planning advice Determine and refine baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, and identity and access management (IAM) Validate security configurations, including firewalls, IPSs, WAFs and anti-malware/endpoint protection systems Perform regular vulnerability testing of enterprise services and applications, assess results, prioritize, and coordinate remediation efforts with colleagues Ability to leverage SIEM platform for conducting forensic security investigations and identifying potential indicators of compromise (IOCs). Develop and use advanced, customized tools and scripts to enhance security assessments and proactive alerting
Review all security reports and logs for unusual or anomalous activities Ability to perform secure application code review, and coordinate with development teams to advocate secure coding practices. Provides guidance for security activities in the system development life cycle (SDLC) and application development efforts Liaise with the vendor management (VM) team to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property (IP), as well as regulated or other protected data Review all existing and new security technologies, tools and services, and make recommendations to the broader infrastructure team Collaborates on critical IT projects to ensure that security issues are addressed throughout the project life cycle Participate in all information security related incident response activities Stay abreast of information security events, news, trends and evolving legislative/regulatory changes
KEY RELATIONSHIPS
This position will require excellent communication and technical skills, while working closely with all business units within AMC Networks and external vendors in determining design criteria and proof of concept as they relate to Securing all facets of the Enterprise.
QUALIFICATIONS
Education
Bachelor's or Master's degree in computer science, information systems, cybersecurity, or a related field.
Certifications
• ISC2 CISSP/CISM
• SANS GIAC
• Palo Alto Certified Network Security Engineer (PCNSE)
• Cisco CCNP Security
Security and Technical Experience
The enterprise security architect should have 8 or more years of direct, documented, and verifiable experience with the following:
• Direct, hands-on experience or strong working knowledge of managing security infrastructure — e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology
• Verifiable experience reviewing application code for security vulnerabilities
• Direct, hands-on experience or a strong working knowledge of vulnerability management tools
• Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services
• Full-stack knowledge of IT infrastructure:
◦ Applications
◦ Databases
◦ Operating systems - Windows, Linux, Mac OSX
◦ Hypervisors, Cloud Computing
◦ TCP/IP networks - WAN and LAN
◦ Storage networks – Fibre-Channel, iSCSI and NAS
◦ Modern Authentication Protocols- SAML, OAUTH
◦ Cryptography - Asymmetrical/Symmetrical encryption, hashing
◦ Scripting – PowerShell, Regex, VBScript
• 3 or more years management experience
• 3 or more years experience leading high profile security projects
• Direct experience creating management presentations, both strategic and tactical
• Direct experience designing IAM technologies and services:
◦ Active Directory
◦ Amazon Web Service (AWS)
• Strong working knowledge of IT Service Management (e.g., ITIL-related disciplines):
◦ Change management
◦ Configuration management
◦ Asset management
◦ Incident management
◦ Problem management
Industry and Regulatory Experience
The enterprise security architect is expected to have documented experience with the following:
Regulations, Standards and Frameworks
• Payment Card Industry Data Security Standard (PCI-DSS)
• Sarbanes-Oxley
• General Data Protection Regulation (GDPR)
• NIST Cybersecurity Framework (CSF)
Industry, Market or Sector Experience
• Media
• Broadcasting
The Company is committed to policy of nondiscrimination in its employment and personnel practices. Applicants are considered for all employment without regard to race, color, religious creed, religion, alienage, citizenship, gender, gender identity, national origin, ancestry, genetic predisposition or carrier status, age, marital status, familial status, military or veteran status, status as a victim of domestic violence, stalking or sexual assault, sexual orientation, disability or any other characteristic protected by federal, state or local law.