• Responsible for architecting, reviewing various product designs, and providing guidance on secure design principles.
• Work with security architects and enterprise architects to establish software security design standards.
• Perform security design reviews to ensure systems are in compliance with the established software design standards.
• Support new technologies and frameworks from the development teams by providing security guidelines and solutions.
• Perform comprehensive security assessments including threat modeling for the firm’s critical assets.
• Provide Subject Matter Expert support to development teams on secure design principles and recommended frameworks.
• Provide web security guidelines and solutions to development teams on authentication, authorization, session management, data protection (encryption) and key management.
• Provide leadership on different forums on promoting security awareness, including recommended solutions, and staying current on net new threats, vulnerabilities, and OWASP best practices.
• Involves the opportunity to telecommute from within the Jacksonville, FL area up to two (2) days per week, as feasible.

• Bachelor’s degree (U.S. or foreign equivalent) in Computer Science, Engineering, Information Systems, or a related field plus five (5) years of progressively responsible, post-baccalaureate experience in a related cyber security role.
• Five (5) years of experience with/in: defining security frameworks and application security for enterprise-wide projects; performing comprehensive security assessments including threat modeling on web applications; providing web security guidelines and solutions to development teams on authentication, authorization, data protection (encryption techniques) and key management; utilizing security frameworks including any one of the following: Microsoft Security Development Lifecycle (SDL), OWASP Software Assurance Maturity Model (SAMM), or Building Security in Maturity Model (BSIMM); working with core security networking concepts including any one of the following: Transport Layer Security (TLS), Secure Shell (SSH), Domain Name System (DNS), or Firewalls; and working with top security frameworks including any one of the following: NIST 800-53, CIS, ISO 27000 series, or COBIT.
• Three (3) years of experience required working with each of the following: Lightweight Directory Access Protocol (LDAP), Single sign-on (SSO), Security Assertion Markup Language (SAML), and Active Directory.
• Involves the opportunity to telecommute from within the Jacksonville, FL area up to two (2) days per week, as feasible.

NA