IT Security Architect

Acting under the supervision of the Corporate IT Manager, this position will function as the primary Sr. IT Security Engineer for the corporate IT environment and be responsible for operational ownership of IT security infrastructure (Proxy, SIEM, EDR, Firewalls, Email-filter, VPN, etc.), enforcing standards, and policy creation/compliance. This role will also extend responsibilities to commercial system security and remote access solutions, networking, and security. Maintaining an efficient, secure, and highly secure environment throughout planned company growth, will be a key responsibility of the incumbent. To be successful in this role a candidate must have a demonstrably high level of technical proficiency and initiative, be able to operate with a high level of trust and autonomy, and be motivated to deliver company-critical services and solutions. In addition, the IT Security Engineer will also be responsible for:

  • Lead the IT Security function within the IT Dept. and act as subject matter expert on securing corporate networks, including onsite and cloud security infrastructure.
  • Develop and maintain robust Incident Response Plan, corporate IT Security policies, network diagrams, and other documentation as required.
  • Enforce security governance by monitoring and administering security platforms and tools.
  • Provide technical and strategic support to IT projects and departmental goals, as well as IT Security Roadmap.
  • Develop, maintain, and improve existing/new security technologies, processes, and governance to effect proactive security monitoring/detection capabilities.
  • Own problem remediation efforts, consult with vendors to overcome critical technical issues.
  • Analyze ongoing business requirements and manage/improve IT security, controls, and policies by consulting with other internal teams and 3rd party resources.
  • Work alongside co-managed service providers, vendors, and 3rd party security consultants; oversee security audits and pen-testing; perform risk assessments.


Additional Desired Skills:

  • Certifications: CISM, CISSP, CISA, CCNA, CCNP-Security, Network+, Security+, CySA+, or other IT certifications reinforcing the ability to perform the duties of this role (IAT, IAM, DOD, etc.)
  • Working knowledge or familiarity with IoT, OT, industrial remote access solutions (i.e. Secomea)
  • Current Targan network technologies: Cisco Meraki AP’s & Switches (layer 3), FortiGate Firewall, DUO MFA,
  • Security Stack: FortiGate, Meraki, DUO, Netskope, Microsoft Defender for Endpoint, Defender for IoT, Defender for Cloud, Defender for Identity, Azure
  • Regulatory Compliance: CIS Framework, Azure Foundations and Microsoft Cloud Security benchmark
  • Experience working in a global corporation is a plus

Education and Experience:

  • Bachelor's Degree in Information Technology, Information Systems, Computer Science, or related field.
  • Minimum of 15 years of industry experience

Required Technical Abilities & Skills:

  • In-depth knowledge and experience: Networking (layer 3), Firewalls, email, SIEM, Proxy, MFA, VPN, SDWAN, MDR/EDR, Incident response, and security design.
  • Operational security of M365, Exchange, Purview, Azure (Dev Ops, AAD, etc.), 3rd Party SaaS platforms, and overall business infrastructure.