Cyber Security Architect III

Description

KARL STORZ SE & Co. KG based in Tuttlingen, Germany, is a family-owned, global company committed to benefiting humanity by advancing medical technology through innovation and education.

For more than 75 years, KARL STORZ has been dedicated to earning its international reputation as a leader that designs, engineers, manufactures, and markets all its products with an emphasis on visionary design, precision craftsmanship, and clinical effectiveness.

I.  Job Purpose

  The Cyber Security Architect will be responsible to build a resilient cyber architecture and play an integral part in protecting KARL STORZ from cyber threats by developing cyber security controls and design patterns. In this role, the architect will work closely with key IT and Business Unit stakeholders to review, recommend, and implement best practices on data security, network security, cloud security and application security to ensure compliance with KARL STORZ’s Information Security enterprise architecture policies, processes, and standards. Determine their root cause.

II.  Job Duties

•  Lead and manage the security architecture review process and develop advanced cyber security controls for Cloud, Network, Endpoint, and Applications.
• Develop and maintain comprehensive documentation on advanced design patterns and security architecture requirements.
• Collaborate closely with IT and business stakeholders, enterprise architects, and senior leadership to understand business strategies and ensure the effective implementation of cyber security architecture changes and control adoption.
• Proactively monitor and evaluate industry best practices, emerging cyber threats, and trends to drive continuous improvement in cyber controls.
• Design and implement advanced cyber security solutions for applications, endpoint security, web & email security, cloud security, FW/IPS, SD-WAN NAC controls, and zero trust network architecture.
• Analyze and evaluate Security Operations Center reports, threat reports, audit reports, and regulatory changes to identify and prioritize risks, and drive remediation efforts.
• Conduct comprehensive security assessments, self-assessments, and independent security reviews to monitor and evaluate the environment, including third-party integrations.
• Assess and enhance the cloud security posture through continuous control monitoring and develop strategies to address any vulnerabilities or weaknesses.
• Lead the implementation and management of a robust security mitigation plan to proactively respond to control weaknesses and emerging threats.
• Identify, analyze, and communicate current and emerging security threats and their potential impact to relevant stakeholders, including senior management.
• Design and implement advanced security architecture elements to mitigate and counter emerging threats effectively.
• Define, implement, and enforce comprehensive security configuration baselines for IT infrastructure.
• Identify and address security design gaps in existing and proposed architectures, and provide recommendations for changes or enhancements.
• Led the review and approval process for installing and configuring various security technologies, such as firewalls, VPNs, routers, SOAR, NDR, EDR, SIEM, and IDS.
• Conduct thorough testing and validation of security systems to ensure they meet security requirements and behave as expected.
• Develop and deliver training programs to educate users on the implementation and optimal use of security technologies.
• Lead and coordinate incident response efforts, providing thorough analysis and remedial solutions for security-related incidents.
• Drive recommendations and implementation of changes to security tools and technologies to proactively remediate and mitigate threats.
• Actively monitor and analyze relevant security bulletins and participate in security forums to stay ahead of emerging threats and their potential impacts.
• Conduct in-depth analysis of emerging threats and their potential impacts on the environment and systems, driving proactive measures to enhance security posture.
• Perform additional duties as assigned by senior management.

  III. Minimum Knowledge, Education, and Skill Requirements

  Required

•   Minimum years of relevant work experience:  5+ years of experience in designing cloud security, network security, data security, and application security solutions.
• Minimum education, certifications, and/or credentials: Undergraduate degree in cybersecurity, computer science, or equivalent technical discipline and one of the following certifications: CISSP or other equivalent Cyber Security certifications
• Minimum hard skill requirements (including computer and application proficiency):
• Overall, is expected to be a curious, creative thinker who is deeply interested in the latest security developments and tools.
• Intermediate knowledge of Viso or other diagramming tools
• Intermediate knowledge of virtualization technologies such as VMWare ESXi, AWS, Azure
• Intermediate knowledge of cloud technologies such as IaaS and SaaS
• Intermediate knowledge of the Windows and Linux operating systems.
• Intermediate knowledge of identity access systems such as Active Directory, Azure AD
• Intermediate knowledge of common network infrastructure devices such as routers and switches
• Intermediate knowledge of networking protocols such as TCP/IP, DNS, HTTP/S
• Intermediate knowledge in system security architecture and security solutions
• Minimum soft skill requirements:  Moderate scope problem-solving. Exercises judgment within defined procedures.

Preferred

• Preferred years of relevant work experience:  6+ years of experience in designing cloud security, network security, data security, and application security solutions.
• Preferred education, certifications, and/or credentials:   Master’s degree in cybersecurity , computer science, or an equivalent technical discipline and one of the following certifications: SANS Sec 4xx (e.g. GIAC Security Essentials (GSEC)) or other equivalent Cyber Security certifications

Preferred hard skill requirements:

• Intermediate knowledge of the ISO 27001/27002, NIST CSF, COBIT, and ITIL frameworks
• Intermediate knowledge of Network Security, Cyber Defense, Vulnerability Management, Security Architecture, and Cloud Architecture.

#LI-KM1

Pay Transparency

The salary range and/or hourly pay rate listed is a good faith determination of potential base compensation that may be offered to a successful applicant for this position at the time of this job posting and may be modified in the future.  When determining a specific team member’s base salary and/or hourly pay rate, several factors will be considered including such things as location, specialty, service line, years of relevant experience, education, professional credentials, internal equity, and the amount budgeted for the role.

Credentialing requirements at KARL STORZ

KARL STORZ is committed to maintaining a safe work environment for our employees and customers.  Most field-based roles at KARL STORZ require hospital credentialing/health screens as a condition of employment. Credentialing can include required vaccinations, health screens & other requirements as outlined by our customers.  During the interview process, we encourage you to ask how credentialing/health screens may impact the role you are seeking and if you require any reasonable accommodations regarding these requirements.

Employee Benefits Program Overview for U.S. Locations

• Medical / Dental / Vision including a state-of-the-art wellness program and pet insurance, too!*
• 3 weeks vacation, 11 holidays plus paid sick time*
• Up to 8 weeks of 100% paid company parental leave**
• 401K retirement savings plan providing a match of 60% of the employee’s first 6% contribution
• Section 125 Flexible Spending Accounts
• Life, STD, LTD & LTC Insurance
• We prepay your tuition up to $5,200 per year!  – Tuition preimbursement
• Fitness reimbursement of up to $200 annually
• Employee referral program of up to $2,000 per hire
• And much more!

*Field sales, internships, and part-time employees are not eligible except where required by state law.
Non-employees, including temporary workers and consultants, are not eligible to participate in the KARL STORZ benefits program.

**To include, maternal/paternal leave, adoption, and fostering of a child.

KARL STORZ reserves the right to change or modify the employee’s job description whether orally or in writing, at any time during the employment relationship. Additionally, KARL STORZ, through its supervisors, may require an employee to perform duties outside their normal description within the sole discretion of the supervisor. Employees must comply will all applicable KARL STORZ policies and procedures.

Equal Employment Opportunity &  Reasonable Accommodation  Statement
KARL STORZ is committed to creating an inclusive space where employees are valued for their skills and unique experiences.  To achieve this goal, we are committed to diverse voices, and all applicants will receive consideration without regard to race, color, sex, national origin, disability, veteran status, or any other protected characteristic.  KARL STORZ is also committed to providing reasonable accommodations during our recruitment process.  Should you need assistance or accommodation please email us at TaleoAdministrator@karlstorz.com. 

Notice to Employment Agencies
This recruitment assignment is being managed directly by KARL STORZ’s Human Resources team. Human Resources will reach out to our preferred, contracted agency partners in the rare instance additional talent options are required. Your respect for this process is appreciated. KARL STORZ does not accept unsolicited Agency resumes. Resumes received which were unsolicited by the KARL STORZ Human Resources department will be ineligible for referral fees.