Job Details


Requisition Number 18-0001
Post Date 4/12/2018
Title Cyber Security Architect
Division Information Technology
PT/FT Full Time
City Ashburn
State VA
Description

Our Mission

The Public Company Accounting Oversight Board is a nonprofit corporation established by Congress to protect investors and the public interest by promoting informative, accurate, and independent audit reports and to oversee the audits of public companies and broker-dealers.

Job Description

The PCAOB has a full-time, regular position for a Cyber Security Architect in the Office of Information Technology (OIT) at its Ashburn, VA office. The Cyber Security Architect will serve as a chief engineer, a solutions strategist and cyber security architecture thought leader. You will be responsible for protecting system boundaries and ensuring that IT systems, applications and network devices are hardened against threats.

Responsibilities

  • Develop and maintain the PCAOB’s cybersecurity architecture guidance and governance by documenting design specifications, installation instructions, and other system-related information to address information security engineering/architecture requirements.
  • Collaborate with business stakeholders and technical stakeholders (solution, infrastructure, and application architects) to perform security architecture risk assessments.
  • Create both short and long-term enterprise network security technology roadmaps based on NIST standards, organizational strategic requirements, technology context and PCAOB business needs
  • Ensure operational and incident trends in cyber security are considered in developing security architecture requirements and recommendations.
  • Provide recommendations for advancing the enterprise security architecture practice, security policies, and security control standards to enhance operational practices.
  • Responsible for the engineering, design, implementation, maintenance, analysis, and administration of PCAOB security technologies. 
  • Evaluate new security technology & emerging threats and provide recommendations to strengthen PCAOB information security environment.
  • Participate in and lead projects for security requirements, network design reviews, and security testing for PCAOB network, systems, and other IT teams.
  • Responsible for creation and maintenance of security architecture diagrams and documentation.
  • Provide security event, system data and reports to support the generation of security metrics.
  • Coordinate with PCAOB systems, network and development team to ensure network security standards are being followed and implemented correctly.
  • Perform internal and external penetration tests with multiple technologies.
  • Proactively conduct security threat analysis and recommend solutions to manage network, systems and application vulnerabilities. 
  • Install, configure, and maintain PCAOB information security technologies.
  • Liaison to the OIT Teams to effectively communicate and architect security solutions.
  • Provide support off hours in addition to regular work days to troubleshoot escalated issues and apply production changes where needed.
  • Work in a multi-office environment and willingness to travel to other offices as required.
Requirements

Qualifications

  • Bachelor’s degree in Computer Science, Information Technology or similar field, or equivalent experience
  • 8+ years of information security experience with a focus on network, application and architecture.
  • 5+ years of security architecture experience.
  • Specific Information Security related experience including encryption, IDS/IPS, Firewalls, SEIMs and Log Management, syslog analysis, HTTP and TCP/IP analysis, and vulnerability assessment.
  • Knowledge of email security gateway, cloud and virtual technologies.
  • In-depth knowledge of mapping business requirements to technology and ability to identify security gaps at the architecture level.
  • Knowledge of common security vulnerabilities such as: XSS/CSRF, SQL Injection, Buffer Overflow, and DoS attacks.
  • Knowledge of the HTTP protocol, including analyzing the request/response.
  • Proven ability to clearly document and communicate security findings, risk description, risk level, and recommended solutions to stakeholders.
  • Understanding of networking, operating systems such as Linux and Windows..
  • Demonstrated knowledge of security industry standards and best practices such as OWASP and NIST.
  • Excellent interpersonal, analytical and problem-solving skills.
  • Proven ability to manage multiple tasks/projects.
  • GCIH, GCTI, CISSP, CEH, or other relevant certification preferred

Our Values

The PCAOB encourages a spirit of cooperation and teamwork, and fosters an environment of professional growth where employees can exercise their leadership ability, creativity, technical competence, and public interest focus in helping the PCAOB fulfill its mission.

Equal Employment Opportunity

All PCAOB employees are entitled to equal opportunity and a professional work environment, free of discrimination and harassment. A workplace free of discrimination is fundamental to professional success and to the PCAOB's mission. The PCAOB will consider for employment all qualified applicants with criminal histories in a manner consistent with applicable law.

#LI-DD1-R