Cloud Security Architect

Some of the key responsibilities are:

• Assist Application and Business Owners in designing and building solutions considering Security best practices, company’s controls environment, threat landscape, and information security policies and standards.
• Act as a security liaison and present security architecture along with Application Teams in periodic Security Review Board meetings.
• Act as a security liaison and present security architecture along with Application Teams in periodic Architecture Review Board meetings.
• Review of Security Review Board approved exceptions
• Serve as a subject-matter expert on designing secure, including cloud solutions
• Participate in Security review of solutions presented in Security Review Board meeting and provide visibility into security gaps in existing and proposed architectures and recommend changes or enhancements
• Responsible for answering technical and procedural questions for technical teams supporting business, cybersecurity team, including guiding team members.
• Determining security requirements by evaluating business strategies and requirements.
• Researching information security standards, conducting system security and vulnerability analyses and risk assessments, reviewing architecture and platforms, and identifying integration issues.
• Reviewing current system security measures and recommending and implementing enhancements
• Developing project timelines for ongoing security projects and system upgrades
• Participate in security reviews to ensure all personnel have access to the IT system limited by need and role
• Provide guidance on integrating systems with security operations, assist in responding to security incidents, and provide input on thorough post-event analyses
• Provide supervision and guidance to a security team, including answering technical and procedural questions for less experienced team members, teaching improved processes, and mentoring team members.
• Identify and deliver appropriate controls based on industry standards (e.g., CCM) to drive cloud and customer security solutions framework based on business risk and cloud-native threat
• Determining security requirements by evaluating business strategies and requirements, researching information security standards, conducting system security and vulnerability analyses and risk assessments, studying architecture and platforms, and identifying integration issues.
• Partner with Technical teams (Architect, Engineers) to assist in creating solutions that balance business requirements with information and cybersecurity requirements in alignment with company’s standards and risk appetite
• Planning of security systems by evaluating network and security technologies, developing technical security standards and requirements for security devices such as routers, firewalls, and related security and network devices.
• Integrating systems with security operations, responding to security incidents, and providing thorough post-event analyses

Experience:

• 6+ years of experience in Cybersecurity
• 4+ years of experience in architecting security solutions
• Degree in Information Technology, Computer Science, Engineering, or related field is highly desirable, but not required.
• Advanced security certifications such as CISSP (Certified Information Systems Security Professional) , CCSP – Certified Cloud Security Professional, Security Architecture (SABSA) are highly desired
• Understanding of industry framework (e.g., NIST, CIS) and standards for cybersecurity (e.g., OAuth)
• Knowledge and understanding of key differences between most popular cloud provider solutions and cloud orchestration tools (e.g. Azure, AWS, GCP, Pivotal Cloud Foundry, BOSH, Kubernetes, Docker, etc.)
• An understanding of IT disaster recovery procedures and conducting breach of security drills.
• Extensive experience in information security and/or IT risk management with a focus on security, performance and reliability
• Solid understanding of security protocols, cryptography, authentication, authorization and security
• Good working knowledge of current IT risks and experience implementing security solutions
• Experience implementing multi-factor authentication, single sign-on, identity management or related technologies
• Ability to interact with a broad cross-section of personnel to explain and enforce security measures
• Excellent written and verbal communication skills

Apply for this role: