Cloud Security Architect
Some of the key responsibilities are:
- Assist Application and Business Owners in designing and building solutions considering Security best practices, company’s controls environment, threat landscape, and information security policies and standards.
- Act as a security liaison and present security architecture along with Application Teams in periodic Security Review Board meetings.
- Act as a security liaison and present security architecture along with Application Teams in periodic Architecture Review Board meetings.
- Review of Security Review Board approved exceptions
- Serve as a subject-matter expert on designing secure, including cloud solutions
- Participate in Security review of solutions presented in Security Review Board meeting and provide visibility into security gaps in existing and proposed architectures and recommend changes or enhancements
- Responsible for answering technical and procedural questions for technical teams supporting business, cybersecurity team, including guiding team members.
- Determining security requirements by evaluating business strategies and requirements.
- Researching information security standards, conducting system security and vulnerability analyses and risk assessments, reviewing architecture and platforms, and identifying integration issues.
- Reviewing current system security measures and recommending and implementing enhancements
- Developing project timelines for ongoing security projects and system upgrades
- Participate in security reviews to ensure all personnel have access to the IT system limited by need and role
- Provide guidance on integrating systems with security operations, assist in responding to security incidents, and provide input on thorough post-event analyses
- Provide supervision and guidance to a security team, including answering technical and procedural questions for less experienced team members, teaching improved processes, and mentoring team members.
- Identify and deliver appropriate controls based on industry standards (e.g., CCM) to drive cloud and customer security solutions framework based on business risk and cloud-native threat
- Determining security requirements by evaluating business strategies and requirements, researching information security standards, conducting system security and vulnerability analyses and risk assessments, studying architecture and platforms, and identifying integration issues.
- Partner with Technical teams (Architect, Engineers) to assist in creating solutions that balance business requirements with information and cybersecurity requirements in alignment with company’s standards and risk appetite
- Planning of security systems by evaluating network and security technologies, developing technical security standards and requirements for security devices such as routers, firewalls, and related security and network devices.
- Integrating systems with security operations, responding to security incidents, and providing thorough post-event analyses
- 6+ years of experience in Cybersecurity
- 4+ years of experience in architecting security solutions
- Degree in Information Technology, Computer Science, Engineering, or related field is highly desirable, but not required.
- Advanced security certifications such as CISSP (Certified Information Systems Security Professional) , CCSP – Certified Cloud Security Professional, Security Architecture (SABSA) are highly desired
- Understanding of industry framework (e.g., NIST, CIS) and standards for cybersecurity (e.g., OAuth)
- Knowledge and understanding of key differences between most popular cloud provider solutions and cloud orchestration tools (e.g. Azure, AWS, GCP, Pivotal Cloud Foundry, BOSH, Kubernetes, Docker, etc.)
- An understanding of IT disaster recovery procedures and conducting breach of security drills.
- Extensive experience in information security and/or IT risk management with a focus on security, performance and reliability
- Solid understanding of security protocols, cryptography, authentication, authorization and security
- Good working knowledge of current IT risks and experience implementing security solutions
- Experience implementing multi-factor authentication, single sign-on, identity management or related technologies
- Ability to interact with a broad cross-section of personnel to explain and enforce security measures
- Excellent written and verbal communication skills
Apply for this role:
Principal Consultant - Technology
Connect on LinkedIn