Network and Cloud Security Architect
Position Summary:
The Network and Cloud Security Architect will report to the Chief Security Architect. You will be a security leader and tackle challenging situations in a unique cloud networking environment. Security is critical to all functions at Athena and you will be working in a cross functional team environment (Application Development, IT Security, IT Operations, Compliance, and Audit). Be prepared to go deep into designing security solutions. Also, you will perform network security architectural reviews, penetration testing, and provide internal consulting, guidance and training.
Responsibilities may include, but are not limited to:

Education, Experience, and Skills Required:
Must have:

• Bachelors degree in Computer Science, IT, IS, Cyber Security or similar
• 10+ years of IT experience, with a minimum of 5 years which was security focused
• Detailed technical knowledge in network security, authentication, security protocols, access control, cryptography, and application security
• Cloud Security experience, both private and public such as AWS, Azure, etc.
• Understanding of how security vulnerabilities are created and how to approach appropriate mitigation techniques
• Experience and understanding of exploitation techniques used by “hackers” to attack enterprise environments
• Understanding of Operating Systems security concepts, security protocols, firewalls, microservices, and other network infrastructure components
• Experience with penetration testing and custom exploit creation
• Experience in software product development, security architecture, product security, vulnerability assessment, infrastructure security, security issue prevention and mitigation strategies
• Experience leading cross functional teams
• Strong written and verbal communication skills

Ideally, you will also have:

• Proficient knowledge of programming languages – Java, Perl, Python, JavaScript, Node.JS
• Experiences working with OWASP, SANS Standards or OSSTM and experience with COTS security products
• Experience with Static and Dynamic Code Analysis tools like HP Fortify, HP WebInspect, IBM AppScan, VeraCode, Coverity etc.
• Experience with Secure Development Lifecycle practices in an Agile development environment
• Technical depth in LAMP stack, multiple COTS DBs like Oracle, iOS, Android, and, web services
• CISSP, SANS certifications, or similar
• Knowledge of HIPAA, HITRUST, PCI-DSS requirements

Behaviors & Abilities Required:

• Influences groups and stakeholder to obtain buy-in and participation without direct control
• Technical thinking and understanding of systems, infrastructure and SW apps/platforms
• Communicates effectively; conveys clear understanding of specific needs of product/ platform orgs
• Ability to work minimal supervision, while being self-driven and motivated
• Collaborates well with cross functional peers to enable convergence of direction/decisions
• Building strong and solid working relationships across engineering and other related functional organization including product management, business owners et al
• Builds consensus to enable driving to a successful customer-centric solution which is functional, secure and usable
• Brings capability to visualize and effectively socialize a coherent mid to long term security vision to enable getting ahead of issues
• Key words: Security Architecture, Network Security, Cloud Security, Application Security, OWASP, Secure Coding; Product Security
  

Network and Cloud Security Architect
Position Summary:
The Network and Cloud Security Architect will report to the Chief Security Architect. You will be a security leader and tackle challenging situations in a unique cloud networking environment. Security is critical to all functions at Athena and you will be working in a cross functional team environment (Application Development, IT Security, IT Operations, Compliance, and Audit). Be prepared to go deep into designing security solutions. Also, you will perform network security architectural reviews, penetration testing, and provide internal consulting, guidance and training.
Responsibilities may include, but are not limited to:

• Define and design network security architectures to support the deployment of secure applications across Athena’s cloud environment
• Coordinate with system architects and developers to provide guidance in creating and integrating secure cloud based designs
• Lead and perform security design and architectural reviews, identify any potential gaps and develop mitigation and security risk management plans
• Build a security catalog of best practices, techniques and patterns to enable secure network implementations
• Run and lead internal network penetration exercises, and when necessary manage consultant engagements to perform such exercises
• If a network security issue is discovered be the point person in finding and deploying any short-term mitigations and the final resolution
• Support HIPAA, HITRUST, PCI and other regulatory and compliance activities
• Consult with product development/R&D, engineering and operations teams on security best practices and issue remediation

Education, Experience, and Skills Required:
Must have:

• Bachelors degree in Computer Science, IT, IS, Cyber Security or similar
• 10+ years of IT experience, with a minimum of 5 years which was security focused
• Detailed technical knowledge in network security, authentication, security protocols, access control, cryptography, and application security
• Cloud Security experience, both private and public such as AWS, Azure, etc.
• Understanding of how security vulnerabilities are created and how to approach appropriate mitigation techniques
• Experience and understanding of exploitation techniques used by “hackers” to attack enterprise environments
• Understanding of Operating Systems security concepts, security protocols, firewalls, microservices, and other network infrastructure components
• Experience with penetration testing and custom exploit creation
• Experience in software product development, security architecture, product security, vulnerability assessment, infrastructure security, security issue prevention and mitigation strategies
• Experience leading cross functional teams
• Strong written and verbal communication skills

Ideally, you will also have:

• Proficient knowledge of programming languages – Java, Perl, Python, JavaScript, Node.JS
• Experiences working with OWASP, SANS Standards or OSSTM and experience with COTS security products
• Experience with Static and Dynamic Code Analysis tools like HP Fortify, HP WebInspect, IBM AppScan, VeraCode, Coverity etc.
• Experience with Secure Development Lifecycle practices in an Agile development environment
• Technical depth in LAMP stack, multiple COTS DBs like Oracle, iOS, Android, and, web services
• CISSP, SANS certifications, or similar
• Knowledge of HIPAA, HITRUST, PCI-DSS requirements

Behaviors & Abilities Required:

• Influences groups and stakeholder to obtain buy-in and participation without direct control
• Technical thinking and understanding of systems, infrastructure and SW apps/platforms
• Communicates effectively; conveys clear understanding of specific needs of product/ platform orgs
• Ability to work minimal supervision, while being self-driven and motivated
• Collaborates well with cross functional peers to enable convergence of direction/decisions
• Building strong and solid working relationships across engineering and other related functional organization including product management, business owners et al
• Builds consensus to enable driving to a successful customer-centric solution which is functional, secure and usable
• Brings capability to visualize and effectively socialize a coherent mid to long term security vision to enable getting ahead of issues
• Key words: Security Architecture, Network Security, Cloud Security, Application Security, OWASP, Secure Coding; Product Security