Security Architect – Farmington Hills, MI
Posted: August 30, 2023
This position is eligible for a hybrid work arrangement. Currently 5 days of on-site work per month are required.
The role of the Security Architect at MDT is to ensure that security requirements necessary to protect MDT’s mission and business processes are adequately addressed. The Security Architect is responsible for designing and implementing comprehensive security solutions and strategies.
Duties & Responsibilities
- Design and implement security controls for cloud-based systems.
- Monitor and review cloud service provider security policies and ensures compliance with organizational requirements.
- Design and implement Zero Trust principles and frameworks to enhance the security posture of our systems and networks.
- Conduct security assessments and risk analysis to identify vulnerabilities and propose mitigation strategies within the Zero Trust framework.
- Collaborate with cross-functional teams to define access policies, user authentication mechanisms, and secure connectivity across various environments.
- Design and deploy secure SSO solutions for seamless and centralized authentication and authorization across multiple applications and systems.
- Define SSO policies, authentication protocols, and access controls to ensure appropriate user access and privilege management.
- Integrate SSO with identity providers (IdPs), directory services, and third-party applications.
- Troubleshoot SSO-related issues, perform log analysis, and implement necessary improvements to enhance security and user experience.
- Collaborate with stakeholders to understand business requirements and translate them into effective security controls and solutions.
- Make recommendations to reduce risks.
- Administers to the enterprise security infrastructure including, but not limited to, the systems supporting: network security monitoring, two-factor authentication, web application firewalls, vulnerability management, endpoint detection and response, data loss prevention, and enterprise logging.
- Supports incident response processes.
- Compiles metrics for leadership.
- Assists in installing, implementing, and maintaining security software.
- Maintains the availability, patching, and operational functionality of assigned security systems.
- Evaluates new security tools, products, and solutions for applicability to security needs.
- Makes recommendations regarding purchase of security products.
- Ensures MDT’s reputation is maintained internally and externally.
- Ensures appropriate levels of security and confidentiality are always maintained.
- Acts as a representative of MDT with business and professional organizations and external IT contacts.
- Keeps management informed of area activities and any significant concerns.
- Attends and participates in meetings as required.
- Completes accurate tickets, reports, records, and other documentation as necessary.
- Stay up to date with industry trends, emerging technologies, and security best practices to proactively identify potential threats and vulnerabilities.
- Responsible for working with the security team and other departments to ensure work is flowing effectively and timely throughout the organization.
- Assists in setting department and company standard practices and procedures.
- Responsible for working with company vendors to ensure the delivery of products or services is successful.
- Acts as a subject matter expert for co-workers.
- Stays informed of trends and changes in the information security field.
- Completes special projects and research studies as required.
- Ensures that work area is clean, secure, and well maintained.
Education & Experience Requirements
- Bachelor’s degree in Computer Science or a related field, or an equivalent combination of training and experience in Computer Science.
- Professional certifications such as CISSP, CISM, CCSK, or CCSP are highly desirable.
- Ten years of experience as a Security Architect or similar role, with a focus on cloud security, Zero Trust architecture, and SSO.
- Strong knowledge of cloud platforms (e.g., AWS, Azure, Google Cloud) and associated security controls.
- Experience designing and implementing Zero Trust architectures, including network segmentation, secure access controls, and strong authentication mechanisms.
- Experience with designing and implementing Secure Access Service Edge (SASE) and Software-Defined Wide Area Network (SD-WAN).
- In-depth understanding of SSO protocols and standards (e.g., SAML, OAuth, OpenID Connect) and their implementation.
- Technical understanding of threat actor attack techniques.
- Familiarity with security frameworks and standards (e.g., NIST Cybersecurity Framework, ISO 27001, CIS Controls).
- Excellent analytical and problem-solving skills, with the ability to assess complex security requirements and recommend appropriate solutions.
- Effective communication and interpersonal skills to collaborate with cross-functional teams and communicate security concepts to non-technical stakeholders.
- Self-motivated and ability to meet deadlines with minimal supervision.
- Well organized and attentive to detail.
- Strong leadership abilities.
- Project management skills.
- Ability to maintain confidentiality.
- No hazardous or significantly unpleasant conditions (such as in a typical office).
- Additional hours, including on call with Saturday/Sunday support, as required.
- Long duration of computer workstation usage.
To apply for a posted position, please click here.
Member Driven Technologies is an equal opportunity employer. We hire individuals on the basis of ability, experience, education, intelligence, and character. Member Driven Technologies does not discriminate against any employee or applicant because of race, color, sex, religion, gender identity or expression, sexual orientation, pregnancy, national origin, age, height or weight, marital or protected veteran status, genetic information, disability status, or otherwise to the full extent of all applicable laws. Our equal employment opportunity policy applies to all of our employment practices, including hiring, training, advancement, discipline, and compensation.