Security Architect

Onsite -Minimum 4 days onsite (Mon-Thu) and optionally 1 day remote (Fri) This is a Security architect role and will include Cloud Security, AI Security, endpoint security, Network security and other security domain areas as needed

Qualifications:
IS related bachelor s degree and/or equivalent work experience.

5+ years of IT business work experience
Desired Certifications: CISSP, CCSP, CCNP, CISA, or equivalent are highly desirable
Problem Solving: Knowledge of approaches, tools, techniques for recognizing, anticipating, and resolving organizational, operational or process problems; ability to apply knowledge of problem solving appropriately to diverse situations.
Conceptual Thinking: Knowledge of thinking and reasoning at a conceptual level; ability to identify the critical ideas and interdependencies among system elements that impact performance.
Cloud Security: Knowledge of tools, technologies, and processes of cloud security; ability to minimize security risks to secure cloud computing services.
Container Security: Knowledge of containerization technologies, secure image practices, runtime security, secure networking, and incident response; ability to design, develop, and implement secure container environments, while assessing risks, leading audits, and advocating for best practices, enables effective protection of containerized environments.
AI Security: Designs secure architectures for Gen AI systems with a focus on threat modeling, data protection, and adversarial risk mitigation. Ensures secure deployment, access control, and compliance with AI governance and regulatory standards. Collaborates cross-functionally to embed security across the AI/ML lifecycle. Knowledge of tools, technologies related to AI development and security.
Cyber Risk Assessment and Mitigation: Knowledge of cyber risk assessment and mitigation strategies across the systems' life cycle; ability to assess risks timely and propose countermeasures.
Threat Analysis and Defense: Knowledge of characteristics, behaviors, capabilities, intent, and interactions of incoming cyber threats; ability to analyze the threats and develop defense and mitigation strategies to effectively combat such threats.
Identity and Access Management: Knowledge of security administration; ability to manage access to computers, infrastructure, networks, and applications.
DevSecOp: Knowledge of concept, principles, methodologies of DevSecOps; ability to utilize related tools and techniques to integrate security into DevOps processes.

A Domain Architect for Enterprise Security is responsible for designing and implementing security solutions across our organization's technology landscape. They analyze security risks and develop strategies to mitigate them, while ensuring compliance with industry standards and regulations. They also collaborate with other IT professionals to ensure that security measures are integrated into all aspects of an organization's technology infrastructure. While also ensuring the confidentiality, integrity, and availability of our organization's digital assets.

Daily Tasks Performed:
Security Design and Architecture: Knowledge of security design and architecture for organizational systems to meet defined cybersecurity needs; ability to embed security principles into the design goals while minimizing the risk from cyber security threats and vulnerabilities.
Cross-functional Collaboration: Knowledge of collaborative techniques and approaches; ability to promote a culture of continuous improvement and working together across functions to solve business problems and meet business goals.
Frameworks and Industry Standards: Knowledge of cybersecurity enterprise programs, policies, and standards to govern the organization's approach towards protecting their systems; Ability to align them with regulations, organization's context, operating environment, and cyber threats.
Communicating Complex Concepts: Knowledge of effective presentation tools and techniques to ensure clear understanding; ability to use summarization and simplification techniques to explain complex technical concepts in simple, clear language appropriate to the audience.
Domain Knowledge: Knowledge of a specific domain, its current trends, directions, and regulatory considerations; ability to apply domain-specific knowledge to relevant situations.
Technical Excellence: Knowledge of a given technology and various application methods; ability to develop and provide solutions to significant technical challenges
Cybersecurity Expertise: Knowledge of the processes, tools, and techniques in the cybersecurity domain; ability to deploy and monitor cybersecurity measures, while detecting, controlling, and preventing cybersecurity breaches.

Qualification:
IS related bachelor s degree and/or equivalent work experience.
Desired Certifications: CISSP, CCSP, CCNP, CISA, or equivalent are highly desirable
5+ years of IT business work experience
Problem Solving: Knowledge of approaches, tools, techniques for recognizing, anticipating, and resolving organizational, operational or process problems; ability to apply knowledge of problem solving appropriately to diverse situations.
Conceptual Thinking: Knowledge of thinking and reasoning at a conceptual level; ability to identify the critical ideas and interdependencies among system elements that impact performance.
Cloud Security: Knowledge of tools, technologies, and processes of cloud security; ability to minimize security risks to secure cloud computing services.
Container Security: Knowledge of containerization technologies, secure image practices, runtime security, secure networking, and incident response; ability to design, develop, and implement secure container environments, while assessing risks, leading audits, and advocating for best practices, enables effective protection of containerized environments.
AI Security: Designs secure architectures for Gen AI systems with a focus on threat modeling, data protection, and adversarial risk mitigation. Ensures secure deployment, access control, and compliance with AI governance and regulatory standards. Collaborates cross-functionally to embed security across the AI/ML lifecycle. Knowledge of tools, technologies related to AI development and security.
Cyber Risk Assessment and Mitigation: Knowledge of cyber risk assessment and mitigation strategies across the systems' life cycle; ability to assess risks timely and propose countermeasures.
Threat Analysis and Defense: Knowledge of characteristics, behaviors, capabilities, intent, and interactions of incoming cyber threats; ability to analyze the threats and develop defense and mitigation strategies to effectively combat such threats.
Identity and Access Management: Knowledge of security administration; ability to manage access to computers, infrastructure, networks, and applications.
DevSecOp: Knowledge of concept, principles, methodologies of DevSecOps; ability to utilize related tools and techniques to integrate security into DevOps processes.