Job Description :
Security - Technical Writer in Cambridge, MA.

Job Description:

Write Security Architecture Standards (policies) as needed. Work independently to provide security considerations and practical guideline for certain security technical areas to protect application, including networking, architecture, access control and etc. The areas are for example

Both on premise DC and in cloud virtual environment (especially for AWS and Azure)

Web Application Firewall (WAF), such as F5, Imperva, ModSecurity and etc.

Next Generation Firewall (NGFW)

DDoS protection,

Anti-bots protection technologies

Content Delivery Network (CDN)

Load Balancers and Application Delivery Controllers

Network Firewall

IDS/IPS


Design and write Application Security Development Guideline or best practices for certain areas as needed. Work independently to identity, research and provide solutions for OWASP Top 10

vulnerabilities for various platforms or software development environments, for example, web, mobile, cloud and etc.

Design and write software development operation processes

Be responsible with security requirements for a project to align with security threats, risks, and control framework

Provide solution, analysis, authoring and review Architecture Handbooks, including network and data flow diagram, risk analysis and remediation solutions

Define and write Functional Specifications

Assists Engineering with Design Specifications, such as high level design and low level design documents

Qualification:

Excellent writing skills in English.

Strong communication skills with meetings, emails or presentation.

Strong technical writing or solution background with self-motivation and fast learning.

Proactive risk management, risk assessment and gap analysis skills

Big plus with hand on IT architecture, software architect, software design, engineering or development, sec-dev-op, or cloud IT administration background. Programmer skills and mindset
are welcome.

Strong knowledge of security governance, policy creation and security architecture principles.

Threat modelling, and data security

Good knowledge of perimeter security.

Good knowledge of security audit principles.

Good knowledge of Project Management methodologies (eg waterfall and agile) and ability to adhere to ICE documentation approach.