To Apply for this Job Click Here
Position: Security Engineer/Architect
Location: Miami, FL
Type: Direct Hire
Employment Eligibility: Due to the travel requirements to Latin America and the Caribbean, Gravity can only consider U.S. Citizens at this time.
Job Description
Gravity IT Resources is seeking a highly skilled Security Engineer/Architect to join a growing Information Security team. This role is critical to developing and implementing robust security frameworks, ensuring compliance with regulatory standards, and enhancing the organization’s cybersecurity posture.
Position Summary:
The Security Enigneer/Architect will collaborate with cross-functional teams to design and strengthen cybersecurity defenses across both on-premises and cloud environments. This role involves analyzing complex situations, identifying security risks, and providing architectural guidance to align with industry standards and best practices.
Key Responsibilities:
Security Architecture Design
- Develop, review, and refine security architectures for on-premises and cloud-based systems.
- Define secure reference architectures to support cloud migration and modernization initiatives.
- Recommend security patterns, controls, and configurations for applications, data, and infrastructure.
Risk Assessment & Threat Modeling
- Conduct architecture reviews, risk assessments, and threat modeling for legacy and cloud systems.
- Identify security gaps, vulnerabilities, and misconfigurations within infrastructure and applications.
- Propose risk mitigation strategies aligned with business and technical objectives.
Security Standards & Governance
- Contribute to the development and enforcement of enterprise security standards, policies, and secure coding guidelines.
- Ensure solutions comply with NIST CSF, CIS Benchmarks, and applicable regulatory requirements (e.g., PCI DSS, GDPR).
Collaboration & Stakeholder Engagement
- Partner with engineering, infrastructure, development, and business teams to integrate security throughout system lifecycles.
- Provide architectural guidance and security consultation during planning, design, and implementation phases.
- Communicate technical risks and trade-offs effectively to technical and non-technical audiences.
Tooling & Vendor Engagement
- Evaluate security tools and technologies, including EDR, WAF, IAM, encryption, and monitoring solutions.
- Support security vendor selection, Proof of Concept (POC) initiatives, and solution integration.
- Stay current with emerging security technologies, threats, and architectural best practices.
Operational Security Support
- Assist with incident response by providing architectural insights during investigations.
- Review and enhance system hardening, segmentation, identity management, and data protection controls.
- Support integration of legacy systems with modern identity and access management platforms.
Qualifications & Competencies:
- Demonstrated expertise in securing hybrid IT environments, including legacy on-premises and cloud platforms.
- Strong understanding of network security, application security, and identity management principles.
- Familiarity with security frameworks (NIST CSF, ISO 27001, CIS Controls) and regulatory standards (PCI DSS, GDPR).
- Experience with architectural reviews, threat modeling, and secure design methodologies.
- Excellent communication skills to articulate complex security concepts to diverse stakeholders.
- Relevant certifications preferred: CISSP, CCSP, AWS/Azure Security Specialty, or equivalent.
- Strong analytical, problem-solving, and decision-making skills.
- ???????Ability to work in a global 24×7 environment and travel internationally, as needed.
Education & Experience:
- Bachelor of Science in Information Technology, Cybersecurity, or a related field.
- ???????Minimum of 4 years of experience in security architecture, engineering, or related security disciplines.