Are you a seasoned cybersecurity expert? Have you have successfully worked with organizations to design, implement, monitor, and improve overall security measures from a technical perspective? Would you like to work in a new and challenging environment where you will be involved in every aspect of cybersecurity? Then you may be the person our team needs! KORE Wireless, a world leader in IoT Connectivity Solutions is looking to expand the team seasoned cybersecurity expert in the role of Security Architect.
This is a unique opportunity to gain experience in the fastest growing technology field. The Security Architect will be responsible for ensuring all our company’s technical security solutions are implemented and maintained in accordance with security best practices and organizational requirements. This individual will work among network, systems, and software engineering teams to ensure protection of company assets and data.
As a Security Architect you will be responsible for designing, reviewing, and improving KORE’s security architecture while also ensuring that all existing and new security solutions align with KORE’s business objectives.
- Design, plan, review and implement robust security architectures for all KORE projects.
- Develop, review, and improve security requirements for:
- Networks and network equipment such as Firewalls, IDS/IPS VPNs, Load Balancers.
- Operating Systems CentOS, Ubuntu, Oracle Solaris, Windows2008/2012/2016/2019/10
- Applications (Web/API written in Kotlin, Angular, Java, .Net – including containerized workloads)
- PaaS/SaaS/Public Cloud
- Create solutions that balance business requirements with information and cybersecurity requirements.
- Understand, create and present cost estimates and impact of security requirements.
- Implement and maintain security policies and procedures related to security architecture.
- Identify security design gaps in existing and proposed architectures and recommend changes or enhancements.
- Assist with risk analysis and threat modeling exercises and provide actionable requirements based on outcome.
- Perform security tests and assessments on networks, systems, and applications.
- Collaborate with Network Engineering, Systems Engineering, Internal Systems, and Development teams, to ensure that new devices, endpoints, and applications meet appropriate security requirements and standards.
- Participate in cross-functional project teams along with individuals from IT, Finance, Support, HR, and Development to design and implement security solutions and/or requirements.
- Ensure technical security compliance requirements for PCI-DSS, GDPR, ISO27001 and other Federal, State, and international regulations.
- Research and report on security risks and advise team leaders on the impact on security compliance prior to implementation.
- Stay abreast of current and emerging security threats and advise on security technologies to mitigate threats where possible.
- Create and maintain Information Security documentation (like policies, procedures, technical baselines etc.) and report on the security of devices deployed throughout the organization.
- Maintain adequate compliance documentation presentable for external and internal audit.
- Assist with the configuration and management of security tools including SIEM, vulnerability scanners, DDoS protection, Webapp Firewalls, and anti-spam/anti-malware platforms.
- 5+ years technology experience
- 5+ years of Information Security experience
- A minimum of 3 years’ experience as a Security Architect, or similar position.
- Strong knowledge of industry standard security architectures.
- Outstanding communication and interpersonal abilities.
- An analytical mindset with excellent organizational skills.
- Works well in a team or solo on various security related projects.
- Analytic approach to security architecture and the ability to translate security industry standards/best practices to actionable requirements.
- Effectively present information, ideas, and perspective to team members and managers, and clearly and willingly answer questions.
- Experience in creating Security policies, procedures, and standards.
- Takes initiative and works pro-actively to increase security levels by remediating vulnerabilities or raising awareness.
- Can execute various types of security tests or manage tests executed by external parties.
- Can learn effectively using self-teaching material.
- Experience in implementing technical security measures for standards like PCI DSS 3.2 Level 1, ISO27001/2 and GDPR.
- Good understanding of the following technologies/products:
- Operating systems: Cisco IOS, FortiOS, F5 TMOS, CentOS, Ubuntu, Windows2008/2012/2016/2019/10
- DBMS: MySQL, MSSQL, PostgreSQL
- Cloud Security (Azure/AWS)
- Container and Kubernetes Security
- Multi Factor Authentication Concepts
- Tenable products (Tenable.io, Nessus Professional, Tenable.sc)
- Crowdstrike Products
- Veracode Products
- Lacework Products
- WAF (Web Application Firewalls)
- OWASP and Web applications
- Programming languages like: Kotlin, Angular, Java, .Net, C#
- SIEM (USM Anywhere)
- Office365 Security
- Malware-Protection/EDR (CrowdStrike, Carbon Black)
- Email spam protection
- IoT Security (best practices)
- Understanding of security controls (e.g., Identity & Access Management, auditing, cryptography, public key - infrastructure).
- Knowledge of IT Risk and Security governance
- A fun team environment and great culture
- Benefits Package -Medical, dental and life insurance
- Referral bonus