Fervid Group

Hot Jobs

Principal Security Engineer and Architect

Position Description:
Seeking a seasoned cyber security engineer and architect with proven understanding in enterprise security focused on building tool sets and processes to support the Information Security Program (ISP).  In this role, the candidate will develop and implement cyber security architecture and technology solutions to address the current and emerging cloud security requirements of the organization. This includes leading the problem analysis, solutions development, implementation, and decision making that significantly impacts enterprise-wide initiatives. Performs project management activities for multiple information security projects; gap analysis, vendor product evaluations, current systems maintenance, and new system implementations. The incumbent will be responsible for future and target state architecture design for cybersecurity capabilities. Proactively analyzes and anticipates change in the cyber-threat landscape and designs effective countermeasure solutions.  Continues to expand and grow existing technical capabilities and demonstrates a passion for Digital Solutions and Security. Openly shares knowledge and provides mentorship and guidance to team members.

Location:

San Francisco, CA

Responsibilities:
This role is both a strategic thinking and hands-on execution that will provide the right candidate an exciting opportunity to leverage and grow technical, process and leadership skills in an exciting area of the company.

  • Foster a security-centric and consultative relationship with the business, mine sites, and other IT teams
  • Review existing security architecture, identifies design gaps, and recommends security enhancements
  • Conduct risk assessments, including vendor risk
  • Stay abreast of current and emerging security threats and designs security architecture to mitigate them
  • Stay abreast of emerging security technologies and integrates them into security architecture as needed
  • Review, maintain and administer security policies, procedures, and other documentation
  • Provide consultation, architecture to project teams on security best practices and security design requirements
  • Develop and maintain cybersecurity standards to meet compliance requirements and to ensure effective management of cyber risks
  • Develop and provide strategic blueprints and roadmaps on cybersecurity capabilities to solutions architects
  • Represent department in Enterprise initiatives and planning; and assist with technology strategic roadmap development while ensuring cybersecurity capabilities & technical controls are incorporated
  • Develop and maintain cybersecurity standards to meet compliance requirements and to ensure effective management of cyber risks
  • Develop and provide strategic blueprints and roadmaps on cybersecurity capabilities to solutions architects
  • Represent department in Enterprise initiatives and planning; and assist with technology strategic roadmap development while ensuring cybersecurity capabilities & technical controls are incorporated
  • Design, implement, and manage security practices and solutions for servers, infrastructure, workstations, mobile devices, and industrial control systems, perimeter defense, and other common enterprise technologies
  • Manage and respond to security related incidents and investigations for all  sites
  • Perform vulnerability scans and ensure appropriate remediation activities are fulfilled
  • Develop and deliver security training across the company
  • Experience in threat modeling and risk identification
  • Experience in security vulnerability assessments and remediation techniques
  • Perform other security functions or tasks as directed

Qualifications:

  • Bachelor’s Degree in Computer Science or in “STEM” Majors (Science, Technology, Engineering and Math)
  • 10+ years’ experience in Information Technology
  • 8+ years’ experience in Cyber Security engineering and support
  • 5+ years’ experience in cloud governance and architecture

Eligibility Requirements:

  • Legal authorization to work in the U.S. is required.
  • Must be willing to travel domestic & international
  • Must be willing to work out of an office located in Northern Virginia, DC Area

Technical Expertise:

  • Minimum of 5 years of experience with detection technologies (e.g. Snort, Suricata, Bro, netsniff)
  • Minimum of 4 years of experience with scripting languages (e.g. Ruby, Python, Perl, and Powershell)
  • Minimum of 2 years of experience with cloud technologies (e.g. AWS, Azure, OpenStack)
  • Minimum of 1 year of experience with secure development life-cycles
  • Minimum of 1 year of experience with identity management and authentication
  • 5-7 years of experience administering Windows and Unix-like operating systems (e.g. Linux, OSX)
  • 5-7 years’ experience administering orchestration tools such as Puppet, SALTStack, Chef, or Ansible
  • Experience in computer security incident response, including forensic investigations and chain of custody
  • Experience with CheckPoint (R80) and Cisco ASA firewalls.
  • Experience with Cisco AMP and Cisco Email Security Appliances
  • Experience with multifactor authentication mechanisms
  • Experience with the Cisco networking technology stack, including VPN
  • Experience in Enterprise logging, log analysis and correlation engines
  • Nice to have familiarity with industrial control systems Cyber Security norms and standards (IEC62443, NERC-CIP, ANSSI, ISO 27k…)
  • Prior experience working within an Agile framework (Scrum/Kanban)
  • One or more Security Certifications or equivalent (CISSP, etc.)
  • One or more Platform Certifications or equivalent (RHCE, LFCE, etc.)
  • Knowledge of CI/CD and automation tools (Chef, Git, Jenkins)
  • Experience in securing cloud infrastructure such as AWS, Azure and alike (i.e., inspection, logging, WAF, VM)
  • Experience in deployment of cloud controls for infrastructure, platform, and applications (IaaS/SaaS/PaaS), specifically within AWS, Azure and GCP
  • Familiarity with data analytics and machine learning principles and techniques
  • Knowledge of SIEM API integration techniques

Business Acumen:

  • Strong problem-solving abilities and capable of articulating specific technical topics or assignments
  • Experience in building scalable and highly available distributed systems
  • Expert in breaking down problems and estimate time for development tasks
  • Evangelizes how our technology solves customer problems from a technology and business perspective

Leadership:

  • Demonstrates clarity of thinking to work through limited information and vague problem definitions
  • Ability to solve very complex security issues that span legal, compliance and regulatory obligations across various lines of business and shared service areas of the company.
  • Proactively identifies and removes project obstacles or barriers on behalf of the team
  • Shares knowledge, power, and credit, establishing trust, credibility, and goodwill

Personal Attributes:

  • Able to work under minimal supervision
  • Excellent communication skills and the ability to interface with senior leadership with confidence and clarity
  • Must have proven verbal communications and written documentation skills
  • Able to work well with global teams, including time-zone flexibility
  • Skilled in providing oversight and mentoring team members. Shows ability to effectively delegate work

What we can Offer You 

  • A comprehensive compensation package including bonuses, benefits, and stock purchase plans where applicable
  • Ability to make a difference and lasting impact
  • Work in a dynamic, collaborative, progressive, and high-performing team
  • An Opportunity to transform Traditional Mining into the future of Digital Mining
  • Opportunities to grow and learn with the industry colleagues are endless

Apply here

Ask a question, or write a comment below.

Leave a Reply