Information Security Architect (Mobile / Cloud) in Atlanta, GA at HUNTER Technical Resources

Date Posted: 12/25/2019

Job Snapshot

  • Employee Type:
  • Location:
    Atlanta, GA
  • Job Type:
  • Experience:
    Not Specified
  • Date Posted:
  • Job ID:

Job Description

As an experienced Mobile and Cloud Principle Security Engineer you will be responsible to perform approved research, analysis, and assessments of various mobile and cloud infrastructures, applications, and platforms to identify and contain advanced security threats and vulnerabilities that have the possibility of targeting the firm or affecting bank mobile and cloud solutions.

Must have a strong background in security, great organization and communication skills, ability to work in a team environment, and be self-motivated.

Responsibilities and Required Skills:
  • Strong malware analysis, reverse engineering, and malware development skills
  • Strong technical understanding of emerging technologies such as Mobile, Cloud, and Virtualization
  • Ability to self-learn and maintain strong proficiency in technical tools, countermeasures, and techniques
  • Serve as a technical security subject matter expert across multiple security domain areas, stays current with the latest security threats, raises awareness and communicates security risks within the company.
  • Documentation capabilities to support required processes, procedures, issue/risk identification and remediation, communications, escalations, and status reporting
  • Experience with evaluating/baselining existing tools/controls for best practice, quality, and coverage.
  • Develop and maintain possible threat use cases that will be used in research, analysis, assessments, and testing.
  • Recognize and safely utilize mobile and cloud security tools, tactics, and procedures
  • Ability to architect and automate and security tools, constraints, and controls into new cloud integration solutions
  • Ability to perform in-depth research of the latest adversarial threat vectors and technologies to remain at the cutting edge of possible adversarial attack capabilities for mobile and cloud technology
  • Ability to examine and assess vulnerabilities through the perspective of a threat actor and articulate risk in clear terms for mobile, cloud, and virtualization
  • Tactically support Risk Mitigation Plan (RMP) Remediation and Course of Actions (COA) for Integration of acquired entities into the company’ s environment, including configurations, coverage gaps within existing controls/tools and sustaining controls through continuously tuning, updating, and monitoring for entities as they are acquired until integration.
  • Work in a team environment, participate in established daily Operations call to discuss incidents, changes, and issues.
  • Stay abreast of current mobile and cloud technologies, security compliance requirements, standards and industry trends in order to help achieve the goals of the department.
  • Must have experience and proficiency with common tools such as Fortify, Data Theorem, Lookout Protection Platform, Mobile Anti-virus, Webroot, Mobile Security Framework, MITMProxy, OWASP Zed Attack Proxy, MobiSec
  • Solid understanding of major operating systems, mobile device management, mobile application management, mobile application development, cloud security authentication, authorization, cloud compliance, cloud data protection, cloud application protection, infrastructure as a service (IaaS), network as a service, storage as a service, active directory, and associated mobile and cloud infrastructure components
  • Must be able to work effectively with cross department teams and independently with teams who have various skills and backgrounds
  • Supports and participates in incident response and technical investigations as needed.
  • Ensures adherence to compliance regulations and policies. Works to develop and interpret security policies and procedures.

Minimum Experience:

Education: Bachelor’ s degree

Information Security: At least 3 years

Penetration Testing: At least 1 years
  • In depth security knowledge in information systems and ability to identify, apply, and implement best practices.
  • Understanding to interpret and convey complex, difficult, or sensitive information.
  • CISSP recommended