Principal Security and IR Architect
We’re a leading, global security authority that’s disrupting our own category. Our encryption is trusted by the major ecommerce brands, the world’s largest companies, the major cloud providers, entire country financial systems, entire internets of things and even down to little things like surgically embedded pacemakers. We help companies put trust—an abstract idea—to work. That’s digital trust for the real world.
Position: Principal Security and IR Architect
The Principal Security Specialist will join DigiCert’s crusade in delivering world-class Cyber Trust capabilities, continuously advancing global security operations by building programs to further strengthen DigiCert’s Security hygiene posture as well as activities to continuously evolve crisis response functions. This exciting opportunity empowers strategic collaboration, joining forces across multiple business areas, and architecting scalable systems to achieve DigiCert’s common vision.
PRIMARY RESPONSIBILITIES AND COMPETENCIES
- Develop technical integrations between security and operational technologies.
- Partner with business units to provide centralized, platform-driven technical solutions for vulnerability, risk and incident management.
- Join forces with Product and Engineering to promote embedded security solutions, driving speed and agility of delivery.
- Assess anomaly detections and investigate security events, promoting a continuous improvement feedback loop for posture strengthening.
- Partner with developers to design SDLC-integrated security solutions, promoting continuous deployment, driving speed and agility.
- Perform threat modeling exercises.
- Review disparate business processes to develop integrated and efficient solutions.
- Drive security-partnered programs, with operational stability, continuously maturing DigiCert’s security posture, utilizing the CMMI model.
- Join forces on providing system security, promoting node rotations and exception management.
- Drive security risk and assessment systems, driving vulnerability management based on business risk and appetite thresholds.
- Partner on third-party risk management lifecycle activities.
- Develop program documentation to promote operational stability and scalability.
- Support Leadership in strategic planning.
- Develop security policies and standards, as needed.
- Drive and support security-identified remediation efforts.
- Foster and promote a security-forward culture.
- Mentor junior team members.
- Other duties and responsibilities, as assigned.
REQUIRED QUALIFICATIONS (EDUCATION, EXPERIENCE, &/OR CERTIFICATION)
- OS: Windows, Linux
- Network Protocols: TCP/UDP/SSL/TLS
- Tools: Splunk, Tanium, Kibana, Tenable, Atlassian, CrowdStrike, Burp, Metasploit, Snort, Suricata
- Must have experience working in Threat Detection and Incident Response
- 8+ years of experience in Information Security
- Advanced level of knowledge of Information Security design concepts and principles
- Experience with cloud-based identity providers, SSO, SAML, etc.
- Experience with cloud-based DDoS/WAF providers (preferably Imperva)
- Experience with vulnerability management technologies
- Experience with threat hunting and malware identification, analysis, and removal
- CISSP required
PREFERRED QUALIFICATIONS & EXPERIENCE
- Bachelor’s degree in network security or computer science
- Master's degree in a technical discipline
- Experience working in highly regulated environments.
- 3-5 years of experience with SIEM technologies (preferably Splunk)
- Advanced level of knowledge of IT frameworks and standards (NIST, COBIT, ITIL, ISO, PCI-PIN, GDPR, WebTrust)
- Advanced level of experience with Incident Response.
- Certified Information Systems Auditor (CISA)