Big Data Security Architect

POSITION PURPOSE - 
Performs the necessary leadership, facilitation, analysis and design tasks related to the development of an enterprise security analytics and threat detection program

MAJOR TASKS, RESPONSIBILITIES AND KEY ACCOUNTABILITIES - 
• Pro-actively research and Identify network and system vulnerabilities and provide recommended counter measures or mitigating controls to reduce risk to an acceptable and manageable level.
• Perform big data analysis and security analytics to model, simulate and detect attack scenarios and anomalies.
• Perform end-to-end threat modeling of complex systems and solutions and generate detection frameworks/signatures to detect threats/anomalies
• Build, maintain and manage large scale big data analytics frameworks and systems
• Establish SIEM and data aggregation/correlation capabilities for data obtained from security sensors and end points
• Technical support could include but not limited to the following: (1) Audit support & remediation, (2) Process Improvement, (3) Analysis & Reporting, (4) Cross Divisional Functional education, training and awareness, (5) Function/Methodology/Strategy advancement.
• Provide technical support to senior management in identifying and streamlining new/existing protocols and tools used by the penetration testing team.
• Develop and automate scripts, tools and resources needed to advance ethical hacking capabilities around new and emerging technologies like mobile, cloud and embedded systems
• Actively involved in security research around new and emerging technologies
• Provides second- and third-level support and analysis during and after security incidents.
• Research and assess new threats and security alerts and recommend remediation actions.

NATURE AND SCOPE - 
Typically reports to Senior Architect, Senior Manager, or Director. 
No associates report to this role on a permanent basis, but requires the leadership of a work group: assign and review work, train and contribute to performance appraisal (but not hiring, firing or disciplinary action). 

ENVIRONMENTAL JOB REQUIREMENTS – 
Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable. 
Typically requires overnight travel less than 10% of the time.

ESSENTIAL SKILLS 
MINIMUM QUALIFICATIONS - 
Must be eighteen years of age or older. 
Must pass the Drug Test. 
Must pass the Background Check. 
Must pass pre-employment tests if applicable. 

EDUCATION REQUIRED - 
Master's degree (or PHD) in Computer Science, Information Security, Information Technology, Electrical/Electronics Engineering or a related field or equivalent experience

PHYSICAL JOB REQUIREMENTS - 
Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles. 


EXPERIENCE REQUIRED - 
• 1-2 years of combined job or research experience
• Expertise in security analytics, signature development, APT emulation and advanced threat modeling
• Experience in big data analysis, map reduce and Hadoop frameworks
• Well versed in statistical modeling and statistical programming languages like R, SAS etc.
• Prior experience or expertise in network data/protocol analysis
• Hands on experience in encrypted traffic and network protocol analysis to detect malware behavior, botnets and malicious activities
• Strong understanding of cryptographic concepts and applied cryptography (SSL, AES etc.)
• Proficiency in one or more scripting language. E.g. Perl, Python, Shell Scripting etc.
• Proficiency in one or more high level programming languages like Java, C, C++, Ruby etc.
• Good knowledge of OS internals, kernel modules and system authentication/process frameworks of windows and linux operating systems
• Knowledge of or experienced in exploit development, vulnerability research/reporting or writing system modules in C & C++
• Good knowledge of OS internals, kernel modules and system authentication/process frameworks of windows and linux operating systems
• Detailed understanding of OSI and TCP stack with emphasis on  computer architecture and networking protocols
• Knowledge of web application technologies and layer 7 protocols like HTTP, DHCP, DNS, FTP etc.
• Good understanding of networking concepts around Ethernet, switched LAN and WAN environment
• Prior knowledge or academic familiarity with reverse engineering, malware analysis, security research and forensic tools will be an added advantage
• Familiarity with security tools & frameworks like Metasploit, Kali, Canvas etc. is a plus
• Strong problem solving and analytical skills
• Strong verbal and written communication skills
• Strong operational skills; quality and results oriented
• Must be eighteen years of age or older.
• Must pass the Drug Test.
• Must successfully complete any required training or orientation courses.
• Strong client service orientation


KNOWLEDGE, SKILLS, ABILITIES AND COMPETENCIES - 
Expert technical proficiency in one or more of the following: Retail applications, Windows platform, UNIX platforms, MVS COBOL, JAVA, J2EE, Relational Databases, Websphere Application Server, Websphere Commerce, Websphere MQ, Networking (Voice, LAN, WAN), SAP, Siebel, Peoplesoft. 

Comprehensive understanding of systems, applications, and/or networks so that practical solutions can be provided that factor system performance, usability, quality, cross-system interdependencies, scalability, and overall cost to develop and maintain. 

Strong problem solving and analytical skills. 

Strong oral and written communications skills