Sr. Director, Cyber Security Architecture and Engineering in New York, NY at Vaco

Date Posted: 7/8/2019

Job Snapshot

Job Description

Vaco is a private-equity backed solutions company that provides consulting, managed services, staffing, and placement services globally. Established in 2002 by "Big 4" consulting veterans, Vaco now has over 40 offices and has worked with over 9,000 clients. We have over 6,000 consultants and been named to Inc. magazine's list of fastest-growing private companies for the past 12 years. Vaco offers boutique services with global reach.

The Vaco Cyber Security team's success relies on the trusted relationships built with our clients. We recognize the challenge organizations encounter improving security, restructuring operations and handling risk while maintaining compliance and keeping costs down. Our information security specialists work closely with organizations to provide the solutions that best match business and security objectives. As a member of the team, you will have the opportunity to utilize and expand your skills through client experience and industry training while collaborating with security professionals across industries. Our team provides the full spectrum of security services to clients including, Strategy & Advisory, Identity & Access Management, Cyber Security Operations, Managed Services, Governance, Risk, and Compliance.

Looking for an exciting career opportunity in Cyber Architect? Instead of being another faceless resume, let Vaco advocate for you! Right now, we are looking to fill a position for our Cyber Architect Team. With Vaco, you will have an advantage over your competition! Our information security practice maintains strong relationships with clients, connect your experience with the right consulting project-promoting your strengths to the manager while preparing you for that specific interview.

Our team will provide you with great insight about trends in the market - keeping you up to date on compensation expectations, opportunities to work on exciting, impactful projects, and opportunities for industry training and advancement. If you're an experienced, and you want to partner with the best, apply today!

Job Description

The Lead Cybersecurity Architect will be responsible for translating security requirements into system qualities (e.g., tenets) and then into repeatable design strategies, and patterns based on security architecture standards. The Cyber Security Architect will collaborate with the application development, Infrastructure, IAM and other business units across the enterprise to integrate cybersecurity services. The successful candidate will be a strong technologist with pragmatic view and creative mind, and a natural collaborator with lines of business (LOB), security, infrastructure architects, application architects, engineers, developers and senior management. The Cyber Security Architect is expected to lead through influence, communicate effectively through clarity of thought and demonstrated understanding of business, security and technical requirements. This position reports to Enterprise Cyber Security Team with dotted line to CISO for the LOB.


  • Reviews existing security architecture, identifies design gaps, and recommends security enhancements
  • Stays abreast of current and emerging security threats and designs security architecture to mitigate them
  • Ensures alignment between security architecture frameworks, standards and overall business strategy
  • Serves as an information security expert and trusted advisor to partners in technical and non-technical business units
  • Develops and maintains cybersecurity standards to meet compliance requirements and to ensure effective management of cyber risks
  • Develops and provides strategic blueprints and roadmaps on cybersecurity capabilities to solutions architects
  • Represents department in Enterprise initiatives and planning; and assist with technology strategic roadmap development while ensuring cybersecurity capabilities & technical controls are incorporated
  • Collaborate and drive key requirements through governance bodies: Architecture Review Board, Technology Review Board, Data Governance and Information Risk Related committees
  • Strong background in IaaS, PaaS, SaaS architectures with demonstrated experience in supporting design and migration strategies


  • Bachelor's Degree (BS) in Cybersecurity, Information Security, Computer Science, Information Assurance, or equivalent experience will be considered.
  • Working knowledge of TOGAF and SABSA methodologies for creation of baseline and target architectural blueprints
  • 7 years' experience with Secure Application Development (Enterprise, mobile, web apps) using Hybrid Cloud - On Premise and the Public Cloud. Familiar with where security needs to be supplemented when higher security is required.
  • Skilled in Container and Microservice Technologies, AWS or Azure Security, Cloud Security Alliance Control Matrix expert.
  • Deep insight into Cloud - IAAS and PAAS Security Controls (AWS, Azure, GCP, VMware, etc.).
  • IAM: Authentication, Authorization, MFA, Federation with Active Directory.
  • Infrastructure Security and Integrity: Infrastructure Segmentation, Operating Systems and Application Repository, Server Security - Secured Enhanced Linux (RHEL), File Integrity / Data Tamper Monitoring, Network/Security Monitoring.
  • Experience with Hardening the infrastructure, Baseline Device Hardening: OS, VM, and Mobile Device Hardening to ensure Confidentiality, Integrity and Availability (CIA).
  • Expert knowledge and implementation of secure application architectures, encryption technologies, cryptography and key management, and authentication and control of application permissions
  • Direct experience with secure application development and application security risk mitigation techniques
  • Experience with one or more general purpose programming languages including but not limited to: Java, C/C++, C#, Objective C, Python, JavaScript.
  • Versed with recent versions of the OWASP Top Ten for web application security
  • Detailed understanding of and experience with application deployments in corporate environments
  • Experienced with Threat Modelling tools for Enterprise, mobile and web apps.
  • Understands Static Code Analysis, Dynamic Code Analysis, Penetration testing and has helped companies remediate coding vulnerabilities and issues.
  • Perform security related services and process assessments and evaluations based on NIST, OWASP, NIST, PCI-DSS, CWE/SANS, CSA guidelines.
  • Experience working in DevOps, continuous integration and Agile, including design of security solutions, including creating artifacts, models, and strategy presentations
  • Authentication and Password Management, Session Management, Access Control, Input Validation, Output Encoding, Cryptographic Practices, Error Handling and Logging, Data Protection, Communication Security, System Configuration, Database Security, File Management, Memory Management, General Secure Coding Practices.
  • Cloud and Container Technologies (Docker) - SaaS, IaaS, PaaS.
  • Web Application security, Vulnerability management: Application Firewalls, SEIM, Anti-Virus.
  • Data Loss Prevention (DLP), FIM, Secure coding and configuration standards
  • VPN technologies such as PKI, IKE, IPSEC, SSL/HTTPS and digital certificate
  • Information security practices: PCI-DSS, ITGC's, HIPAA and Privacy


  • 25 - 35% travel to Northeast