Information Security Architect

Full Time
$150000 - $160000 yr
Work from home available

Job Description

The Information Security Architect is responsible for the support and development of our clients Global Information Security program. This is hands-on position which involves working with various teams to design and develop security controls required for securing cloud, on premise and SaaS environments with a focus on cloud technologies. The successful candidate will have a deep understanding of security principles, cloud (IaaS/PaaS/SaaS), logging & monitoring, and encryption technologies.

The Information Security Architect will partner with Information Technology and Business Support to:

  • Develop Cloud Deployment/Architecture, Cloud Security and Controls Framework aligned to security frameworks CSA, CIS and NIST for multi-cloud environment.
  • Design and develop security architectures for cloud and cloud/hybrid based systems. Possess a firm understanding of the offerings within Amazon Web Services (AWS), Microsoft Azure, GCP platforms and SaaS applications such as O365, Dynamics, SalesForce, Slack, and Box.
  • Design and implement architectures and designs that will allow those requirements to be met with a minimal degree of risk to Organization and with appropriate security controls present.
  • Design and Develop cloud specific security policies, standards and procedures e.g. Identity and Access Management (SSO, SAML), and Privilege Management, Firewall management, SSL/IPSec, Encryption Key Management (BYOK), Security incident and event management (SIEM), Data protection (DLP, DRM, and encryption), Vulnerability Management in partnership with Infrastructure Services, and Application Development.
  • Conducting cloud security analysis of prospective clients Cloud platforms/environments based on Industry best practice Cloud Cyber Risk Framework.
  • Performing Security Assessments of Cloud, on premise and SaaS platforms/environments using industry standard frameworks such as ISO, CSA-CSM and NIST.
  • Executing on security engagements during different phases of the lifecycle assess, design, and implementation.
  • Troubleshooting system level problems in a multi-vendor, multi-protocol network environment.
  • Design and develop security automation.
  • Bachelor's Degree in Information Technology, Computer Science or a related field.
  • 5+ years of experience with Cloud platforms such as Amazon Web Services (AWS), Azure, Google Cloud Platform, O365.
  • 5+ years of experience driving the adoption of and achieving successful DevOps practices across organizations.
  • 5+ years of experience with Security Architect and/or Engineering.
  • Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development (Application Security), data protection, cryptography, key management, identity and access management (IAM), network security) within SaaS, IaaS, PaaS, and other cloud environments.
  • Working knowledge of common and industry standard cloud-native/authentication mechanisms (OAuth, OpenID, etc).
  • Experience with Privilege Account Management (CyberArk preferred).
  • Experience with perimeter security and firewall technologies (Cisco, Fortinet, Contrast preferred).
  • Experience with Infrastructure as Code Automation (Terraform, CloudFormation, ARM preferred).
  • Experience with Application and Infrastructure code scanning (Inspec, HubbleStack, Veracode, SonaType preferred).
  • Experience with Log management and monitoring (Sumologic preferred).
  • Experience with Container technologies (Docker, Kubernetes, EKS, AKS preferred).
  • Experience with deployment orchestration, automation, and security configuration management (Jenkins, Ansible, Packer preferred).
  • Experience with Vulnerability Management (Rapid7 preferred).
  • Experience with PKI and Cryptography (Gemalto preferred)
  • Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies.
  • Experience performing threat modeling and design reviews to assess security implications and requirements for introduction of new technologies.
  • Experience representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions.
  • Experience with enterprise architecture and working as part of a cross-functional team to implement solutions.
  • Strong interpersonal and communication skills; ability to work in a team environment
  • Ability to work independently with minimal direction; self-starter/self-motivated
  • Proven ability to work creatively and analytically in a problem-solving
  • Excellent communication (written and oral) and interpersonal skills
  • Demonstrated and strong leadership and management skills
  • CISSP, AWS, Azure certifications preferred.

Posted By

Nancy Martini

Dice Id : 10109074
Position Id : 20-00237
Originally Posted : 2 months ago
Have a Job? Post it