Principal Security Architect - Endpoint Security

We are seeking a highly skilled and experienced Endpoint Security Architect to join our team. The ideal candidate will have a strong background in Windows OS, Linux servers, containers, mobile devices, and zero trust security paradigm. As an Endpoint Security Architect in the Cybersecurity Architecture team, your responsibilities include a comprehensive review and redesign of existing endpoint preventive and detective security capabilities for managed and unmanaged endpoint clients, on-premises, and hybrid-cloud environment to protect our organization's endpoints. You will also influence changes in existing control standards, create new IT security guidelines that can be easily consumed by stakeholders, create specific security patterns & diagrams, and own the relevant 3-year capability roadmap.

The primary focus areas for this position are the following:

• Produce security architecture deliverables as part of initiatives related to endpoint security maturity aligned with Zero Trust paradigm.
• Proactively identify security gaps, propose solutions, and follow through with engineering teams for implementation.
• Be the subject matter expert for Endpoint Security through the enterprise along with the security architecture team.
• Inspire team members and junior staff to contribute new ideas and alternative approaches.
• Provide guidance and mentorship to junior security team members.

Your Responsibilities

• Design and optimize endpoint security architectures that align with the organization's security policies and compliance requirements.
• Develop and maintain security guidelines and best practices for Windows OS, Linux servers, mobile devices, and containerized environments.
• Implement zero trust security models to enhance the security posture of the organization's endpoints.
• Collaborate with cross-functional teams, including IT, DevOps, and security operations, to ensure seamless integration of security solutions.
• Provide expert analysis of monitoring and response capabilities related to endpoint security incidents and alerts.
• Stay up-to-date with the latest security trends, threats, and changes in security landscape and corresponding cybersecurity frameworks related to emerging technologies to continuously improve the organization's security posture.
• Create and drive the internal and client endpoint security capability roadmap for managed and unmanaged devices within information technology & the respective IT stakeholders.
• Create and drive the Zero Trust endpoint modernization roadmap within information technology & the respective IT stakeholders.
• Influence change of control policies with Technology Risk Management & build strong partnerships with IT Architecture & Application Development partners.
• Lead the technical analysis of endpoint security capabilities with the aim of delivering new or enhanced security capabilities.
• Identify automation opportunities for endpoint security controls lifecycle management.
• Act as the domain specialist to help guide and shape how endpoint security controls are enabled and enforced.
• Mentor junior security architects to enhance their security and architecture skills within the team.
• Deliver high-quality executive architecture presentations and demonstrations.
• Create white papers and presentations in industry conferences to present thought leadership in security field.

Qualifications

• Minimum of 5 years of experience in endpoint security or a related role
• Bachelor degree or above in Cybersecurity, Computer Science, Electrical & Computer Engineering, or Information Security Management
• Relevant cybersecurity certifications such as CISSP, CISM, CEH, or similar are preferred
• Knowledge of scripting and automation tools such as PowerShell, Python, or Bash
• Strong knowledge of Windows OS and Linux server, and mobile security
• Experience with container security, including Docker and Kubernetes

Specific Skills & Technologies

• Strong Information Security experience, specifically in endpoint security domain (managed/unmanaged devices, on premise and hybrid-cloud workloads).
• In-depth knowledge of Zero Trust paradigm and device pillar designs improvements aligned with Zero Trust best practices.
• Experience with cloud security, particularly in AWS, Azure, or Google Cloud environments.
• Solid experience in container security, OS (Windows/Linux) security, mobile device security.
• Experience with Information Security frameworks (e.g. ISO 27001 and NIST) & security architecture frameworks.
• Proficient in how Active Directory works.
• Knowledge of Public DNS.
• Familiar with PKI and SSL Certificate management.