Job Role: Cyber Security Architect
Location: Dallas TX
Role Overview
As a Level 4 Senior Network Security Consultant, you will oversee and support our critical security infrastructure. This role requires hands-on expertise with Proofpoint (POD, TRAP, TAP Email Security), Imperva WAF, the Zscaler cloud security platform, Cisco ISE, Public Key Infrastructure (PKI), Data Loss Prevention (DLP), and Cloud Access Security Broker (CASB), and in managing, supporting, and optimizing endpoint security solutions such as CrowdStrike, Trellix (formerly McAfee ePolicy Orchestrator), and other endpoint protection platforms. The role involves designing, implementing, and maintaining security solutions, incident response, policy development, and supporting secure network architectures.
Key Responsibilities
- Manage and support Proofpoint email security solutions, including POD (Proofpoint On-Demand), TRAP (Threat Response Attachment Protection), TAP (Targeted Attack Protection), and overall email security architecture.
- Configure, monitor, and troubleshoot Imperva WAF for web application security.
- Implement and manage the Zscaler security platform for cloud-based internet security.
- Maintain and optimize Cisco ISE for network access control and segmentation.
- Lead incident response efforts related to network security threats.
- Conduct security assessments, audits, and compliance checks.
- Develop and enforce security policies and procedures.
- Mentor junior staff and lead security projects.
- Collaborate with vendors and cross-department teams to ensure security measures are effective and up-to-date.
- Administer and troubleshoot enterprise PKI infrastructure, including Microsoft ADCS.
- Manage certificate lifecycle: issuance, renewal, revocation, and CRL/OCSP validation.
- Integrate Venafi for certificate automation and orchestration across multi-cloud/hybrid environments.
- Manage external SSL/TLS certificates with DigiCert, including domain validation and SAN/Wildcard certs.
- Perform PKI health checks, vulnerability remediation, and root/intermediate CA maintenance.
- Define and implement certificate governance and key management best practices.
- Deploy, manage, and optimize Microsoft Defender for Cloud Apps (MDCA) for SaaS discovery, OAuth app governance, and conditional access enforcement.
- Operate Netskope CASB for inline and API mode enforcement.
- Implement shadow IT discovery, sanctioned app policies, and anomaly detection.
- Design, implement, and fine-tune DLP policies across endpoint, email, and cloud channels.
- Manage Microsoft Purview DLP, including sensitive information types, EDMs, and trainable classifiers.
- Operate Trellix (McAfee) and Netskope DLP for endpoint and policy enforcement.
- Lead false positive tuning, incident analysis, and cross-platform correlation.
- Deploy, configure, and maintain endpoint security solutions, including CrowdStrike Falcon, Trellix, and other AV/EDR tools.
- Monitor endpoint security alerts and respond promptly to threats or incidents.
- Perform regular updates, patch management, and health checks on endpoint security agents.
- Develop and enforce endpoint security policies across the organization.
- Conduct endpoint security assessments and vulnerability scans.
- Collaborate with IT teams to ensure endpoints are compliant with security standards.
- Investigate and analyze security incidents related to endpoints.
- Provide training and support to end-users and IT staff on endpoint security best practices.
- Stay current with emerging threats and evolving endpoint security technologies.
- Document procedures, incident reports, and security configurations.
Required Skills
- 15 years of experience; strong knowledge of network security protocols and of endpoint and data security architectures.
- Experience with incident response and forensic analysis.
- Communication and leadership skills.
- Ability to stay current with emerging security threats and technologies.
Certifications Preferred
- Certified Information Systems Security Professional (CISSP)
- Cisco Certified Network Associate (CCNA) Security
- Cisco Certified Network Professional (CCNP) Security
- Proofpoint Certified Security Professional
- Imperva Certified Security Professional
- Cisco Identity Services Engine (ISE) Specialist Certification (if available)
- Zscaler Certified Cloud Security Engineer (ZCCSE) or equivalent
- MCSE SC-200
- Trellix DLP
- Netskope Certified Cloud Security Administrator (NCCSA)
- CompTIA Security
- Certified Endpoint Security Professional
- CompTIA Security or CySA
- CrowdStrike Certified Falcon Administrator
- Trellix Endpoint Security Certification