| 2 urgent requirements: at Remote, Remote, USA |
| Email: [email protected] |
| Hi ALL, 2 urgent requirements: Job Description: Lead Cyber Security Architect / Principal (Health care Experience is a must) Location: Remote, Any Visa, Type: Contract Overview: The Lead Cyber Security Architect / Principal is a pivotal leadership role responsible for overseeing the efforts of the security development function, guiding a team of Security Developer Consultants, and leading the organizations efforts to identify, prioritize, and remediate security risks. This individual will architect frameworks and processes to improve the organizations ability to manage, communicate, and resolve security risks effectively. The Lead Cyber Security Architect / Principal will also serve as the primary liaison between the security development team and the organizations broader cybersecurity, application development, and infrastructure teams, ensuring alignment and understanding across departments. Key Responsibilities: Oversee Security Development Function: Lead and manage the Security Developer Consultants responsible for analyzing and remediating security risks identified through tools like Wiz.io, ensuring timely and efficient resolution. Security Framework Development: Design and implement comprehensive security frameworks to define, categorize, and prioritize security risks and vulnerabilities across applications and infrastructure. Process Optimization for Risk Response: Develop and implement streamlined processes that allow for efficient responses when security risks are identified. These processes should ensure clarity and enable teams to act quickly and effectively. Strategic Risk Management: Continuously assess and evaluate security risks to prioritize remediation efforts, balancing security needs with business priorities. Cross-Departmental Liaison: Act as the primary point of contact between the security team, infrastructure, and other key stakeholders, facilitating clear communication and ensuring alignment on remediation strategies. Present risk assessments and guide adjacent teams towards effective resolution strategies. Assess and Advise on App Reconfigurations: Evaluate whether identified security issues require application reconfigurations or if alternative measures can resolve them. Provide strategic input on the best course of action based on technical analysis and risk level. Establish Security Policies & Best Practices: Develop and enforce security policies, standards, and best practices for application and infrastructure security. Ensure compliance with industry regulations and internal security objectives. Incident Response Leadership: In the event of a security incident, guide teams through the risk remediation process, ensuring appropriate and timely actions are taken to resolve the issue while minimizing impact. Stakeholder Communication: Communicate complex security issues and risks to executive leadership and non-technical stakeholders in a clear and actionable manner, securing buy-in for key initiatives. Mentorship and Leadership: Provide leadership and mentorship to the security team, ensuring their growth and development while fostering a collaborative and proactive security culture across the organization. Qualifications: Extensive Cybersecurity Experience: 10+ years in cybersecurity roles, with a focus on security architecture, risk management, and incident response in complex enterprise environments. Team Leadership: Proven experience leading technical security teams, specifically in development-focused roles and application security, with a strong ability to manage and mentor team members. Security Frameworks: Expertise in building and implementing security frameworks such as NIST, CIS, or similar, including the ability to adapt frameworks to unique organizational needs. Application Security & Development: Deep understanding of secure coding practices, application security, and how vulnerabilities arise within development pipelines. Cloud & Infrastructure Security: Advanced knowledge of cloud platforms (AWS, Azure, GCP), container security, and infrastructure security. Communication & Collaboration: Strong skills in bridging gaps between security, development, and infrastructure teams, with the ability to communicate technical risks to non-technical stakeholders. Security Certifications (Preferred): CISSP, CISM, CEH, AWS Certified Security, or other relevant certifications. Skills: Strong technical expertise in application security and cloud infrastructure. Excellent ability to prioritize risks and guide teams through the remediation process. Proven track record of building security frameworks and optimizing processes. Exceptional problem-solving skills and a proactive approach to identifying risks before they become critical issues. Ability to navigate complex organizational structures and influence key stakeholders. Education: Bachelors degree in Computer Science, Cybersecurity, Information Systems, or a related field (or equivalent experience). This role balances strategic leadership, risk management, and hands-on technical guidance to ensure a robust security posture for the organization. 2) Job Description: Security Developer Position : Security Developer Consultant (Health care Expereince is a must) Location: Remote, Any Visa, Type: Contract Overview: As a Security Developer Consultant, you will play a key role in analyzing and remediating security risks identified by cloud security platforms such as Wiz.io and other security tools. Your responsibility will include evaluating the vulnerabilities and misconfigurations in applications and infrastructure, providing development-driven solutions, and ensuring that applications adhere to security best practices. You will collaborate closely with development teams to implement configuration changes and optimize security measures within the application stack. Key Responsibilities: Analyze Security Issues: Review and analyze security vulnerabilities, misconfigurations, and risks identified by Wiz.io and other security scanning tools. Remediation & Resolution: Develop and implement code or configuration changes that address the identified security issues in the application and underlying infrastructure. Collaborate with Development Teams: Work with software developers and architects to ensure secure coding practices are followed and assist in implementing necessary security changes within the applications. Security Best Practices: Guide teams on adhering to security policies, standards, and industry best practices (e.g., OWASP, CIS benchmarks) when configuring or developing applications. Continuous Monitoring: Help integrate and maintain security monitoring tools to ensure continued security and compliance of cloud applications. Security Audits: Perform periodic audits of application code, infrastructure, and configurations to ensure vulnerabilities are addressed in a timely manner. Documentation: Provide detailed documentation on identified issues, mitigation strategies, and steps taken to resolve security risks, ensuring all stakeholders are kept informed. Qualifications: Experience with Security Tools: Hands-on experience with Wiz.io, cloud security platforms, and other security tooling (e.g., Snyk, SonarQube, Checkmarx). Application Development: Strong experience in software development, particularly with secure coding practices in languages like Python, Java, Node.js, or similar. Cloud Security: In-depth understanding of cloud infrastructure security (AWS, Azure, GCP), including identity and access management, container security (Kubernetes, Docker), and network security. Vulnerability Management: Proven track record of identifying and remediating security risks in both application code and infrastructure configuration. Security Certifications (Preferred): CEH, CISSP, OSCP, or relevant cloud certifications (AWS Certified Security, Google Cloud Professional Security Engineer, etc.). Skills: Expertise in reviewing and implementing application-level security fixes. Strong knowledge of secure coding standards and DevSecOps principles. Excellent problem-solving and analytical skills with a proactive approach to mitigating security risks. Ability to communicate complex security issues to both technical and non-technical stakeholders. Familiarity with CI/CD pipelines and integrating security checks into development workflows. Education: Bachelors degree in computer science, Information Security, or a related field (or equivalent experience). Regards, Vikram Singh Senior Technical Recruiter "Certified Woman Owned Minority Business Enterprise (WMBE)" 209 State Highway 121 Bypass Suite #36 Lewisville, TX 75067 USA www.techstargroup.com | Email: [email protected] Phone: 469-498-0643 Ext: 613 | FAX: 469-284-0740 LinkedIn: linkedin.com/in/vikram-singh-000012345 Keywords: continuous integration continuous deployment javascript Texas 2 urgent requirements: [email protected] |
| [email protected] View all |
| Tue Oct 15 20:26:00 UTC 2024 |