See yourself at Odyssey.

Join the team as our new Cybersecurity Architect!

Who We Are & Why We’re Hiring

Odyssey Logistics & Technology Corporation (Odyssey) is a global logistics provider. Our adaptive approach to solving modern logistics challenges differentiates us in the markets we serve. Odyssey Logistics & Technology’s specialized multimodal expertise is the strategic foundation that provides clients with a full-service offering across our four operating divisions including intermodal, freight forwarding, transport & warehousing, and managed services.

Odyssey’s multimodal services offer cost-effective, end-to-end freight solutions equipped to deliver on evolving customer requirements. Combined, Odyssey delivers innovative, high-value logistics services & technology solutions to support diverse customer requirements. In addition to being certified by the American Chemistry Council as a Responsible Care® partner company we consistently exceed customer expectations by integrating analytics, carrier relationships, specialized assets, sustainability strategies and deep international expertise. Our unique approach ensures that customer shipments keep moving at full speed, even in the face of ever-changing market headwinds.

Based in vibrant Charlotte, NC Odyssey is on a journey to constantly innovate logistics. We’re actively recruiting for this key, high profile role in the company because we have experienced tremendous growth and would love for you to join us!

Visit us at: www.OdysseyLogistics.com/careers

About the Job:

The Cybersecurity Architect is a senior-level role pivotal to an organization's security strategy and overall risk management framework. This position is responsible for designing, implementing, and managing the comprehensive security architecture of an organization’s IT infrastructure, encompassing on-premises and cloud environments. The Cybersecurity Architect ensures that all security measures align with business objectives, comply with regulatory requirements, and mitigate potential threats.

• Framework Development: Create and maintain robust security frameworks that integrate seamlessly with the organization's overall IT architecture. This includes defining security principles, policies, standards, and guidelines.
• Integration and Configuration: Design and implement security solutions, such as firewalls, encryption protocols, identity and access management systems, and intrusion detection/prevention systems, ensuring they are effectively integrated across the organization's infrastructure.
• Blueprints and Documentation: Develop and maintain detailed security blueprints and architecture diagrams that provide a strategic roadmap for the organization's security posture.
• Cybersecurity Strategy: Develop a forward-thinking cybersecurity strategy that aligns with business objectives and addresses current and future security threats. Ensure the strategy is adaptable to the evolving threat landscape.
• Risk Management: Conduct thorough risk assessments to identify vulnerabilities and potential threats. Develop and implement comprehensive risk management strategies to mitigate these risks and safeguard critical assets.
• Policy Development: Establish, document, and enforce security policies, standards, and procedures. Regularly review and update these policies to reflect the latest security threats and best practices.
• Security Project Leadership: Lead and manage security-related projects from inception to completion, ensuring they are delivered on time, within scope, and within budget. Define project scopes, objectives, deliverables, timelines, and budgets.
• Cross-Functional Collaboration: Work collaboratively with IT, development, and business teams to ensure security requirements are integrated into all projects and initiatives. Provide expert guidance to implement security best practices throughout the project lifecycle.
• Vendor and Partner Management: Evaluate, select, and manage relationships with security vendors and service providers. Ensure third-party solutions meet the organization's security standards and requirements.
• Incident Response Planning: Develop and oversee comprehensive incident response plans and procedures. Lead the response to security incidents, ensuring prompt identification, containment, eradication, and recovery.
• Forensic Analysis: Conduct in-depth forensic analysis of security breaches to understand attack vectors, scope, and impact. Provide detailed incident reports and implement measures to prevent future incidents.
• Continuous Improvement: Analyze past incidents and conduct lessons learned sessions to continuously improve the incident response process and enhance the overall security posture.
• Monitoring and Detection: Implement and oversee advanced security monitoring systems to detect and respond to threats in real-time. Ensure continuous monitoring and analysis of network traffic, system activities, and user behavior.
• Regulatory Compliance: Ensure the organization complies with all relevant laws, regulations, and industry standards (e.g., GDPR, HIPAA, PCI-DSS). Conduct regular audits and assessments to verify compliance and address any gaps.
• Audit Preparation: Prepare for internal and external audits, ensuring all security measures and documentation are in place and up-to-date.
• Emerging Technologies: Stay informed about the latest cybersecurity trends, threats, and technologies. Conduct research to evaluate new security solutions and recommend their adoption where appropriate.
• Innovation: Drive innovation in security practices by developing and implementing new methodologies and tools to enhance the organization’s security posture. Identify opportunities for continuous improvement.

Required:

• Minimum of 7-10 years of experience in cybersecurity or related fields, with at least 3-5 years in a senior or architect role.
• Bachelor’s degree preferred; advanced professional security certifications are highly desirable
• Experience with Web Authentication concepts of SAML, OIDC, and OAuth2
• Deep understanding of security principles, frameworks, and best practices (e.g., NIST, ISO 27001). Extensive experience with network security, cloud security, application security, and data protection.
• Proficiency with security technologies and tools (e.g., SIEM, IDS/IPS, firewalls, encryption). Experience with scripting and automation tools (e.g., Python, PowerShell) is preferred.
• Excellent communication and leadership skills, with the ability to collaborate effectively across teams and departments.
• Experience developing and reviewing cybersecurity documentation, standard operating procedure (SOP)
• Experience with GAP assessments, penetrations testing and techniques, and patch management.
• Knowledge of common information security management frameworks, such as ISO, ITIL, COBIT, and NIST, including the Cybersecurity Framework and 800-53.
• Experience with modern security tools in EDR/XDR (e.g. Crowdstrike), Vulnerability Management (e.g. Rapid7), Patch and Endpoint Management (e.g. Automox, Intune), Office 365 / Azure (e.g. Defender, Azure AD, Exchange), AWS, SIEM/External SOC/MDR (e.g. Arctic Wolf), Log Aggregation, Dynamic Code Scanning, EASM, Knowledge and Phishing (e.g. KnowBe4), and dynamic penetration testing.
• Strong ability to communicate information security and risk-related concepts to technical and non-technical audiences at various hierarchical levels, ranging from board members to technical specialists.

• Location: This is an in-office role in Charlotte, NC

• We offer a generous compensation and benefits package including:

• Choice of medical plans with FSA, HRA and HSA options

• Company-paid dental and life/disability Plans

• 401K with company match

• Preferred vendor discounts

• Competitive Paid Time Off

• No relocation allowance will be considered unless specifically addressed. All applicants must be currently authorized to work in the United States.

• Odyssey does not discriminate on the basis of actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex or gender (including pregnancy, childbirth and pregnancy-related conditions), gender identity or expression (including transgender status), sexual orientation, marital status, military service and veteran status, physical or mental disability, genetic information, or any other characteristic protected by applicable federal, state or local laws and ordinances.

Other details

• Job Family: Information Technology
• Pay Type: Salary
• Travel Required: Yes
• Travel %: 10
• Required Education: High School

Job Summary:

We are seeking a skilled and experienced Firewall Engineer to join our team. The ideal candidate will have extensive experience with firewall technologies, including Cisco ASA and Juniper SRX, as well as a strong background in security networking. This role requires a professional who can design, implement, and manage complex firewall solutions to ensure the security and integrity of our network infrastructure.

• Design, implement, and manage firewall solutions using Cisco ASA and Juniper SRX.
• Monitor and analyze firewall performance and security logs to identify and mitigate potential threats.
• Develop and enforce network security policies and procedures.
• Perform regular system audits to ensure compliance with security standards and regulations.
• Collaborate with other IT and security teams to integrate firewall solutions with other network and security components.
• Troubleshoot and resolve network and firewall-related issues promptly.
• Maintain and update firewall configurations and firmware to ensure optimal performance and security.
• Provide training and support to junior network engineers and IT staff on firewall technologies and best practices.

Requirements:

• Minimum of 5 years of experience in security networking.
• Proven experience with Cisco ASA and Juniper SRX firewalls.
• Cisco CCNA or Juniper equivalent certification.
• Cisco CCNP or Juniper equivalent certification.
• Strong understanding of network security principles and best practices.
• Experience with network monitoring and management tools.
• Excellent problem-solving skills and attention to detail.
• Strong communication and documentation skills.
• Ability to work independently and as part of a team.
• Secret Clearance is required.

Preferred Qualifications:

• Top Secret Clearance SCI eligible.
• Experience with NetScreen Firewalls.
• Bachelor's degree in Computer Science, Information Technology, or a related field.
• Additional certifications in network security or firewall technologies.

Benefits:

• Competitive salary and benefits package.
• Opportunities for professional growth and development.
• Supportive and collaborative work environment.
• Access to the latest technologies and tools.

This position operates with minimal government lead supervision supporting the Department of Defense (Navy). Our company also does commercial work outside of the DoD which occasional pull teams members based on interest and skillsets

• Conduct internal and external security testing, mimicking real-world attack techniques to identify vulnerable systems or opportunities for circumventing security defenses
• Performs vulnerability analysis and exploitation of applications, operating systems or networks.
• Develop custom exploits and/or design security tests to emulate threats and demonstrate the potential vulnerabilities within network
• Devises tests and scenarios for various penetration tests and collaborative purple team exercises
• Identify potential flaws and vulnerabilities in external and internal systems, demonstrate how those weaknesses could be exploited, and support the development of countermeasures to reduce or mitigate risk
• Develop comprehensive reports and presentations for both technical and executive audiences, tailor the content to meet the audiences where they are, and design the messaging to help mitigate risks and identify defensive options
• Perform application analysis, reverse engineering, or malware analysis as needed, to include the use of an offline workstation to analyze the functions of raw code to identify its functionality and develop defenses tailored to the customer
• This position could require significant travel to client sites

Required Qualifications

• Active DoD Top Secret clearance
• Active DoD 8570 IAT Level I or greater, and at least one the following certifications in good standing: OSCP, OSCE, OSWA, OSWE, GPEN, GXPN, GWAPT
• 7+ years of recent and direct experience with security operations in threat hunting activities
• 7+ years of recent and direct experience with penetration testing and vulnerability assessments
• Experience conducting scenario-based and functional security testing during authenticated and unauthenticated testing.
• Deep understanding of network protocols, configurations, security technologies, and security practices, including network security, operating system hardening, database security, and web application security for both local (on-premises) and cloud computing solutions.
• Deep understanding of common vulnerabilities and attack vectors, including experience identifying and exploiting vulnerabilities in operating systems (e.g., Windows, Linux, and macOS), network devices (e.g., firewalls, routers, and switches) and web applications and application program interfaces (e.g., SQL injection, cross-site scripting and cross-site request forgery).
• Significant hands-on experience leveraging commercial and open-source tools for scanning and security testing (e.g., Nmap, Nessus, Kali Linux, Cobalt Strike, Virtualization, Burp Suite, etc.)

Preferred Qualifications

• Comfortable using Scripting Languages preferred (must be able to read/modify scripts in Python, Ruby, Lua/NSE, PowerShell scripting languages)
• Experience creating Rules of Engagement, Policy development, TTPs, CONOPs
• Experience working with the IR/SOC team in an as needed support role during investigations
• Experience in Red and Purple team testing methodologies a plus
• Knowledge of the MITRE ATT&CK and D3FEND frameworks a plus
• Experience emulating specific ATPs a plus

All qualified applicants will receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, disability, veteran status, age, marital status, pregnancy, genetic information, or other legally protected status