Remote Cybersecurity Architect (Threat Intelligence and Security Integration)

Description:

  • phia is seeking a Cybersecurity Architect who will focus on integrating Threat Intelligence Platforms (TIPs) with other security and operation tools.
  • The position is remote and must be performed within the United States.
  • U.S. citizenship and the ability to obtain a Public Trust are required.
  • Responsibilities include assisting with the integration of Analyst1 and other TIPs with tools such as ServiceNow, Armis, SentinelOne, SIEM, EDR, IDS/IPS, and other network security tools to enhance threat detection and response capabilities.
  • The role involves validating data received by Analyst1 from multiple tools and utilizing automation opportunities to streamline threat intelligence workflows.
  • The Cybersecurity Architect will ensure seamless integration with existing security infrastructure and develop detailed System Security Concept of Operations (ConOps) documents.
  • The position requires aligning the security architecture with the overall business and technology strategy of the organization.
  • The architect will plan, design, build, test, and implement robust security architectures for all IT projects.
  • Responsibilities also include performing vulnerability testing, risk analyses, and security assessments.
  • The role involves testing, evaluating, and verifying hardware and software to ensure compliance with cybersecurity architecture guidelines.
  • The architect will identify critical system capabilities that require enhanced security measures and conduct regular security reviews to identify gaps in the security architecture.
  • Recommendations for changes or enhancements will be made based on security reviews, and assistance will be provided in configuring security tools.

Requirements:

  • Candidates must have 5+ years of experience with SIEM systems, MITRE ATT&CK Framework, Endpoint Security Services, and the onboarding and implementation of various security tools.
  • Proven experience in analyzing alerts from Cloud, SIEM, and EDR tools, and in the alert tuning process, is required.
  • Familiarity with cybersecurity operation center functions and experience in configuring security tools is necessary.
  • Candidates should have experience with security frameworks and the ability to interpret use cases into actionable monitoring solutions.
  • Strong working knowledge of Security Information and Event Management (SIEM) systems, Intrusion Detection/Prevention Systems (IDS/IPS), and network and host malware detection and prevention is essential.
  • Knowledge of web/email gateway security technologies and threat intel platform integration is required.
  • Candidates should be familiar with utilizing Artificial Intelligence (AI) and Machine Learning (ML) opportunities to enhance security operations.
  • A Bachelor’s Degree in an engineering or cyber discipline is preferred.
  • Nice-to-have certifications include CompTIA Net+, A+, Security+, Certified Testing Engineer (CPTE), Certified Ethical Hacker (CEH), and Certified Information Systems Security Professional (CISSP).
  • U.S. Citizenship is required, along with the ability to obtain Public Trust (or higher) government clearance.

Benefits:

  • Comprehensive medical insurance is provided, including dental and vision coverage.
  • Short Term and Long-Term Disability benefits are available.
  • A 401k Retirement Savings Plan with Company Match is offered.
  • Tuition and Professional Development Assistance are provided to support employee growth.
  • Flex Spending Accounts (FSA) are available for employees.
  • phia values work-life balance and promotes a supportive work environment.