Security Architect/ Engineer

Role : Security Architect or Engineer

Location : Davie, FL - Hybrid

Job description :

The Security Architect is a hands-on team player who provides technical security guidance and leadership with the design, installation, operation, service and maintenance of a variety of information systems. This individual understands IT Enterprise Architecture and works with the business, IT, and enterprise architects to ensure that security standards are created and implemented into SHRSS Enterprise Architecture frameworks and project lifecycle. This role identifies security gaps, develops controls, determines functional and non-functional security requirements and designs solutions that meet business objectives while complying with security standards to achieve Security-by-Design principles based on the needs of the business and organizational security requirements.

• Architect has broad experience - big picture approach - every domain in sec
• Network
• SecOps
• Incident response
• Asset management
• Lock management
• Threat modeling
• Enterprise architecture and threat modeling
• have you done threat models" "what methodology have you used"
• What are the frameworks : Stride, pasta,
• Describe to me - acronyms : PASTA, STRIDE, TOGAF
• Deep dive tactic spoofing
• CISSP - gold standard, reps the broad knowledge
• Identify lack of security controls
• Security reviews (currently informal not following a threat model)
• They are formalized - building team of architects
• Resumes looking for threat modeling and sec architect in title or in their JD
• TOGAF mention
• Impressed when people list have risk assessment similar to threat modeling