Threat Prevention Architect
Threat Prevention Architect
Role Summary:
• Lead global initiatives to create and transform infrastructure solutions across the threat prevention space.
• Interacts externally with key vendors to understand future technology direction and drive product roadmaps to meet our needs.
• Interacts internally with senior level management to communicate strategic planning roadmaps and executive summaries for technical triage efforts.
• Provides technical oversight in identifying, evaluating, and developing infrastructure solutions. Key decision-maker to drive future threat prevention strategy and service evolution.
• Typically 10+ years of IT experience.
Key Responsibilities:
• Serve as Architecture lead to design threat prevention solutions that adhere to information security requirements while meeting business needs to establish secure network connectivity leveraging varying content inspection systems for malware prevention, data loss prevention, and forensic analysis
• Utilize creative-thinking and advanced problem-solving skills to build and maintain strategic roadmaps that enhance information security mission while optimizing cost, business needs, and end user experience
• Communicate with business partners at an enterprise level; interfacing with internal business representatives and information security partners
• Provide technical consultation to other team members and supported areas
Required Skills:
• Senior level expertise in at least one of the following (in order of desirability):
• Proxy (Skyhigh / McAfee preferred)
• Malware (Trellix / FireEye preferred)
• SASE (Netskope, Palo Alto, Zscaler preferred)
• SSLO (F5 preferred)
• DLP (Vontu preferred)
• Expertise with web proxies for advanced content filtering
• Expertise in malware prevention and data loss prevention systems, including Day Zero threat prevention
• MUST have extensive knowledge on fundamental networking concepts of DNS, DHCP, Firewalls. Load balancing, IPS, basic routing/switching; excellent understanding of TCP/IP and packet analysis
• Expertise in creating Application and network diagrams including all pertinent flows and decisions.
• Capability to summarize complex issues into executive summaries
• Basic understanding of Cryptography, SSL certificates, SSL decryption / offload methodologies, HSM/HSMaaS
Desired Skills:
• People management a plus, but not required
• Mid to senior level expertise in Broadcom / BlueCoat Proxy Security Gateways
• Design integration with cloud service providers such as Azure, Google, AWS, IBM
• Expertise in Virtualization, ESXi server management, vSphere, vCenter, vSAN, vMotion to transform hardware based infrastructure to virtual platforms
• Experience in automation scripts (such as Ansible, Terraform)
• Programming expertise; scripting/automation of various security products
• Understanding of Machine learning, data modeling and perform advanced analytics
• Understanding of cloud encryption and tokenization (i.e., Salesforce topology and integration of Salesforce / Servicenow clouds with Cloud encryption gateway)
• Expertise in Linux, Python, Apache, HTML + Bootstrap, and SQL.
• Leveraging APIs to enhance automation routines.
Familiarity with the following tools and/or platforms helpful:
• CipherCloud or similar cloud encryption technology
• Zscaler, Radware, FireEye, Websense, Scansafe, Ironport, Damballa, Vontu, Skyhigh, Palantir, Cloudera platforms
• SEIM tools such as Arcsight, Splunk
Threat Prevention Architect
Role Summary:
• Lead global initiatives to create and transform infrastructure solutions across the threat prevention space.
• Interacts externally with key vendors to understand future technology direction and drive product roadmaps to meet our needs.
• Interacts internally with senior level management to communicate strategic planning roadmaps and executive summaries for technical triage efforts.
• Provides technical oversight in identifying, evaluating, and developing infrastructure solutions. Key decision-maker to drive future threat prevention strategy and service evolution.
• Typically 10+ years of IT experience.
Key Responsibilities:
• Serve as Architecture lead to design threat prevention solutions that adhere to information security requirements while meeting business needs to establish secure network connectivity leveraging varying content inspection systems for malware prevention, data loss prevention, and forensic analysis
• Utilize creative-thinking and advanced problem-solving skills to build and maintain strategic roadmaps that enhance information security mission while optimizing cost, business needs, and end user experience
• Communicate with business partners at an enterprise level; interfacing with internal business representatives and information security partners
• Provide technical consultation to other team members and supported areas
Required Skills:
• Senior level expertise in at least one of the following (in order of desirability):
• Proxy (Skyhigh / McAfee preferred)
• Malware (Trellix / FireEye preferred)
• SASE (Netskope, Palo Alto, Zscaler preferred)
• SSLO (F5 preferred)
• DLP (Vontu preferred)
• Expertise with web proxies for advanced content filtering
• Expertise in malware prevention and data loss prevention systems, including Day Zero threat prevention
• MUST have extensive knowledge on fundamental networking concepts of DNS, DHCP, Firewalls. Load balancing, IPS, basic routing/switching; excellent understanding of TCP/IP and packet analysis
• Expertise in creating Application and network diagrams including all pertinent flows and decisions.
• Capability to summarize complex issues into executive summaries
• Basic understanding of Cryptography, SSL certificates, SSL decryption / offload methodologies, HSM/HSMaaS
Desired Skills:
• People management a plus, but not required
• Mid to senior level expertise in Broadcom / BlueCoat Proxy Security Gateways
• Design integration with cloud service providers such as Azure, Google, AWS, IBM
• Expertise in Virtualization, ESXi server management, vSphere, vCenter, vSAN, vMotion to transform hardware based infrastructure to virtual platforms
• Experience in automation scripts (such as Ansible, Terraform)
• Programming expertise; scripting/automation of various security products
• Understanding of Machine learning, data modeling and perform advanced analytics
• Understanding of cloud encryption and tokenization (i.e., Salesforce topology and integration of Salesforce / Servicenow clouds with Cloud encryption gateway)
• Expertise in Linux, Python, Apache, HTML + Bootstrap, and SQL.
• Leveraging APIs to enhance automation routines.
Familiarity with the following tools and/or platforms helpful:
• CipherCloud or similar cloud encryption technology
• Zscaler, Radware, FireEye, Websense, Scansafe, Ironport, Damballa, Vontu, Skyhigh, Palantir, Cloudera platforms
• SEIM tools such as Arcsight, Splunk
