Phoenix Recruitment · 5 hours ago
Mid-Level IT Security Specialist
Maximize your interview chances
Computer Software
Insider Connection @Phoenix Recruitment
Get 3x more responses when you reach out via email instead of LinkedIn.
Responsibilities
Design and implement Single Sign On Authentication using SAML, OKTA, OIDC
Design and implement Multi-Factor authentication on cloud or premises platforms.
Design and implement authorization and entitlements based on federated identity authentication.
Design and implement data-at-rest encryption of data stores and file systems.
Design and implement security on the cloud using AWS IAM, AWS KMS, AWS Secrets Manager, or an equivalent in AWS
Design and implement secure software architectures for our organization, ensuring that our systems, applications, and data are protected against current and emerging security threats.
Work with development teams to ensure that security is integrated into the software development lifecycle, including conducting security reviews, and recommending security tools and technologies such as OAuth, SAML, Key SaaS, Okta, and others.
Develop and maintain security policies, procedures, and standards based on modern frameworks such as NIST, ISO, and CIS, and ensure that they are up to date with current security best practices.
Design authorization architecture based on RBAC with technologies like Spring Boot etc.
Conduct security risk assessments and vulnerability scans and develop and implement plans to remediate identified vulnerabilities and threats using modern techniques such as threat modeling, red teaming, and purple teaming.
Design and implement security controls to protect our systems, applications, and data, including firewalls, intrusion detection and prevention systems, anti-virus software, endpoint security solutions, and encryption solutions based on modern cryptographic algorithms and standards such as AES, RSA, and SHA.
Stay current with emerging security threats and technologies and make recommendations for enhancing our security posture based on modern approaches such as Zero Trust, DevSecOps, and Cloud Security.
Lead security audits and assessments and develop and implement plans to remediate identified security gaps and compliance issues based on modern compliance frameworks such as PCI-DSS, HIPAA, and GDPR.
Provide security guidance and training to other teams and stakeholders, including training on security awareness and best practices based on modern training approaches such as gamification, simulation, and microlearning.
Develop and maintain relationships with external security vendors and partners and leverage modern approaches such as Threat Intelligence and Security Operations Centers (SOC) to enhance our security posture.
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
Experience: 3 + years
Bachelor's or Master’s degree in Computer Science or a related field.
10+ years of experience in software architecture and security, with expertise in modern security technologies and approaches.
Strong knowledge of security frameworks, standards, and best practices such as NIST, ISO, CIS, OAuth, SAML, Okta, Zero Trust, DevSecOps, Cloud Security, and OWASP.
Experience with modern security tools and technologies such as SIEM, SOAR, SAST, DAST, SCA, and Endpoint Detection and Response (EDR) solutions.
Experience with modern cryptographic algorithms and standards such as AES, RSA, and SHA.
Strong analytical and problem-solving skills.
Excellent communication and interpersonal skills, as well as experience working in cross-functional teams.
Ability to work effectively in a fast-paced, agile development environment.
Design and implement Single Sign On Authentication using SAML, OKTA, OIDC
Design and implement Multi-Factor authentication on cloud or premises platforms.
Design and implement authorization and entitlements based on federated identity authentication.
Design and implement data-at-rest encryption of data stores and file systems.
Design and implement security on the cloud using AWS IAM, AWS KMS, AWS Secrets Manager, or an equivalent in AWS
Design and implement secure software architectures for our organization, ensuring that our systems, applications, and data are protected against current and emerging security threats.
Work with development teams to ensure that security is integrated into the software development lifecycle, including conducting security reviews, and recommending security tools and technologies such as OAuth, SAML, Key SaaS, Okta, and others.
Develop and maintain security policies, procedures, and standards based on modern frameworks such as NIST, ISO, and CIS, and ensure that they are up to date with current security best practices.
Design authorization architecture based on RBAC with technologies like Spring Boot etc.
Conduct security risk assessments and vulnerability scans and develop and implement plans to remediate identified vulnerabilities and threats using modern techniques such as threat modeling, red teaming, and purple teaming.
Design and implement security controls to protect our systems, applications, and data, including firewalls, intrusion detection and prevention systems, anti-virus software, endpoint security solutions, and encryption solutions based on modern cryptographic algorithms and standards such as AES, RSA, and SHA.
Stay current with emerging security threats and technologies and make recommendations for enhancing our security posture based on modern approaches such as Zero Trust, DevSecOps, and Cloud Security.
Lead security audits and assessments and develop and implement plans to remediate identified security gaps and compliance issues based on modern compliance frameworks such as PCI-DSS, HIPAA, and GDPR.
Provide security guidance and training to other teams and stakeholders, including training on security awareness and best practices based on modern training approaches such as gamification, simulation, and microlearning.
Develop and maintain relationships with external security vendors and partners and leverage modern approaches such as Threat Intelligence and Security Operations Centers (SOC) to enhance our security posture.
Company
Phoenix Recruitment
Phoenix Recruitment is a leading staffing and recruitment firm that helps companies of all sizes find the best possible talent.
Funding
Current Stage
Early StageCompany data provided by crunchbase