US Cellular is seeking candidates who are outrageous thinkers, Mr. Robot enthusiasts and even a misfit with conviction. Seeking audacious personality, limitless buoyancy with the right mix of pessimism and a desire to change the world one company at a time.
Rather than focusing on Degree or Certifications, candidates must show evidence of engineering and security architecture accomplishment. Qualified candidates are eligible for potential sign-on bonus.
The Enterprise Security Lead Architect is a critical part of the overall Enterprise Security department who is accountable for ensuring all Enterprise class technology solutions are implemented and maintained in accordance with security best practices and organizational requirements.
The team will advocate, design, and implement processes and technology relating to security risk and access control across the Enterprise organization; collaborates with the Information Risk group and Audit Group to identify & prioritize risk components, technology audits and compliance issues.
The Enterprise Security Architectural role is broken into three key areas, candidates who embody one or more of the following are encouraged to apply:
- Secure Application Coding: DevSecOps experience with Static and Dynamic code scanning technologies, Web Application Scanning (WAS) experience and OWASP Top Ten proficiency.
- Identity and Access Management: Security Architecture experience in Federation Services, Directory Services, Governance Reporting and Identity management.
- Cyber Security Specialist: Security Architecture experience in secure infrastructure, data base, Pen testing, vulnerability programs and general cyber best practices.
Role Specific Responsibilities
- Recognizes and identifies potential areas where existing security policies and procedures require change, or where new ones need to be developed, especially regarding future business expansion.
- Ensure that security configurations of key systems are properly implemented, monitored and reported.
- Ensure the IS organization is aware of their responsibilities and accountability for compliance with Security policies.
- Conduct risk assessments in new and existing technologies.
- Provide information risk management consulting to technology teams.
- Evaluate and recommend security software/hardware and its application.
- Establishes alternative security measures if needed to support audit findings, known vulnerabilities, or disaster recovery efforts.
- Ensure technology teams are made aware of security engineering and architecture projects that could be incorporated into business solutions.
- Lead security investigations and provide forensics services in responds to security incidents.
- Ensure compliance with local regulations e.g. local encryption regulations and privacy laws.
- College degree in related technical / business areas preferred
- 10-12 years relevant work experience preferred
- Well rounded understanding of technology, operations and key business processes.
- Member of SANS or other leading security organizations
- Strong organization skills
- Strong change management skills
- Highly flexible and able to adapt to change
- Strong problem solving and analytical capabilities
- Excellent written and verbal communication skills
- Strong influencing and negotiation skills
Relevant Technical Skills
- Information Risk Management: Content filtering technologies, application firewalls, vulnerability scanners, LDAP, forensics software, security incident response, Identity Management (IdM), Federation Services, Directory Services, CASB, XaaS Security OWASP Top Ten to name some.
- O/S: Linux (Red Hat, SUSE), Windows (2000/XP2003 Server), and UNIX.
- Network: Firewalls, Proxy Servers, Reverse Proxy Servers, IPS, and SEIM.
- Software Languages: Perl and Shell
- Standards & Methodology: ITIL, COBIT, SOX, and PCI.
- Office Automation: Word, Excel, and Outlook.
- Planning & Design: Microsoft Project and Visio.
U.S. Cellular® is an EEO employer and gives consideration to qualified applicants without regard to race/color/age/religion/sex/sexual orientation/gender identity/national origin/disability/veteran status, pregnancy or genetic information.