IT Security Architect
Ethos Risk Services
- San Antonio, TX
- Permanent
- Full-time
- Architect, implement, and maintain a robust security architecture that aligns with short-term and long-term security goals
- Collaborate with security engineers to identify, assess, and prioritize security vulnerabilities
- Develop and implement security policies and procedures to ensure adherence to industry standards and compliance regulations
- Proactively manage and oversee all security activities to mitigate risks and maintain a secure IT environment
- Stay up-to-date on emerging security threats and trends, and implement appropriate security controls
- Design and implement scalable and reliable security solutions that meet the evolving needs of the business
- Conduct security assessments and penetration testing to identify and remediate vulnerabilities in our systems
- Partner with development teams to ensure secure coding practices are followed throughout the development lifecycle (SDLC)
- Provide security awareness training and education to employees to foster a culture of security
- Document security processes, procedures, and architectures
- 10-15 years of experience in various mid to higher level IT roles, ideally including systems administration, networking, IT security, and data engineering
- Certification in CompTIA Security+, CISSP, CISA, and/or CCSP
- Strong understanding of security principles, frameworks (e.g., NIST CSF, CIS Controls), and methodologies (e.g., threat modeling, risk assessment)
- Strong understanding of enterprise cybersecurity policies, SOC compliance and best practices regarding Microsoft Windows/Office 365/Exchange Online/Intune/Azure AD configuration and support, including experience assisting with security and compliance audits
- Proven experience in designing, implementing, and maintaining security solutions, including firewalls, intrusion detection/prevention systems, and access control systems
- Experience with security information and event management (SIEM) systems
- Working knowledge of network security concepts and protocols (TCP/IP, VPNs, etc.)
- Experience with cloud security principles and best practices
- Understanding of data privacy practices and regulations
- Experience with securing and maintaining network devices (switches, routers, firewalls, access points)
- Experience with MDM configuration and implementation (BYOD experience a plus)
- Experience with web-application firewall configuration
- Experience with patch and vulnerability management practices for Windows Server (Unix systems a plus)
- Strong analytical and problem-solving skills
- Excellent communication, collaboration, and interpersonal skills
- Ability to work independently and as part of a team
- Experience in a security-focused industry such as finance or healthcare
- Experience with scripting languages like Python or Bash for security automation
- Microsoft and AWS Security related certifications