Posted: Saturday, June 24, 2017 11:03 AM
Senior Architect Cloud Security Design and EngineeringSalary: up to $130,000 Commensurate with Experience Excellent BenefitsBrooklyn, NY DoITT provides for the sustained, efficient and effective delivery of IT services, infrastructure and telecommunications to enhance service delivery to New York City's residents, businesses, employees and visitors. As the City's technology leader, DoITT is responsible for maintaining the foundational IT infrastructure and systems that touch every aspect of City life from public safety to human services, from education to economic development crossing the full spectrum of governmental operations. Job Description:Design, document, configure and implement software and systems to help ensure optimal security for all layers of the Cloud stack to satisfy the system requirements ranging from the lowest level (network fabric) through to the hardware, OS, Cloud hosting platform and on into the design, implementation and securing of higher level services such as the IaaS, PaaS and SaaS layers;Design and implement penetration test case specifications for various platforms; evaluate, engineer, implement and support said technologies to ensure optimal security remediation and lock-down techniques across the platform at both the IaaS and PaaS level; design and engineer policy based security and audit compliance systems;Evaluate any security issues and suggested enhancements escalated by support to diagnose and address underlying system problems and inefficiencies - engage third party suppliers on support issues as required;Integrate the Cloud Platform with the firms Identity and Access Management systems (Active Directory & SSO) and leverage industry best practices for Authentication and Authorization;Handle special projects and initiatives as assigned. Preferred Skills:Authentication and authorization specialist detailed understanding of single-sign-on systems eg Kerberos, Active Directory, LDAP;Excellent understanding of IaaS and virtualization service orientated architecture designed around the delivery and security of Infrastructure components as a service;Strong analytical, diagnostics and troubleshooting skills - ability to solve complex problems at scale;Expertise in application, infrastructure and network security, along with penetration testing;Performance Management, software engineering, system administration, systems engineering, network engineering;Understanding of how servers, operating systems and networks function, perform and scale and how to best secure them without drastically impairing performance or functionality;Deep and broad understanding of services and architecture required to build secure Cloud computing platforms;Especially using encryption for data at rest and in transit;Identity Management, authorization and authentication expert including using SSL, IPSEC and PKI frameworks for securing and encrypting communications;Ability to troubleshoot and diagnose issues in modern, web not -scale distributed systems;Deep experience in Internet Protocol (IP), firewalls, encryption, intrusion detection systems, Web filtering, authentication and authorization methodologies;Proficiency in firewall technologies (Cisco PIX/ASA, Checkpoint, PF/ Iptables);Experience with network security technology such as access-lists and firewalls;Skilled in data analysis and network security threat analysis and remediation;Good knowledge of networking, security, DNS, Unix/Linux operations and troubleshooting;OS: Red Hat Enterprise Linux 6.x / 7.x / Windows Server 2008 R2 / 2012;Certified Cloud Security Professional (CCSP);Certificate of Cloud Security Knowledge (CCSK);Certified Information System Security Professional (CISSP). Qualification Requirements: BA/BS and 6 years related experience;-or- Education and experience equivalent. To ApplyPlease go to www.nyc.gov/jobs/search and search for Job ID #247140orEmail resume to ITrecruit@doitt.nyc.gov(Indicate '247140 - Senior Architect Cloud Security Design and Engineering' in subject line) SUBMISSION OF A RESUME IS NOT A GUARANTEE THAT YOU WILL RECEIVE AN INTERVIEW APPOINTMENTS ARE SUBJECT TO OVERSIGHT APPROVALSVisit us at www.nyc.gov/DoITTThe Department of Information Technology & Telecommunications and the City of New York are equal opportunity employerse.g. Kerberos, Active Directory, LDAP; SSL, IPSEC and PKI frameworks; Cisco PIX/ASA, Checkpoint, PF/ Iptables; DNS, Unix/Linux; (CCSP); (CCSK); (CISSP).
• Location: Brooklyn
• Post ID: 114098728 brooklyn