Job type: Full-time
Role: System Administrator
security, cloud, amazon-web-services
Sr. Director/Director – Cyber Security Architect
Sr. Director/Dir Security Architect- Preferred Location: San Jose (CA), Austin (TX), San Diego (CA). Secondary: Roseville (MN)
Job Description Summary
The Sr. Director Security Architect will be responsible for architecture and security technology evaluations/recommendations to the business specifically focused on application development and cloud technologies. He will work in conjunction with lead architects, Operational teams and VP R&D to evaluate, plan and develop enterprise security technology and security architecture strategy.
He will be responsible for helping to define guidelines, best practices, writing policy/standards and driving adoption of new application and cloud architectural designs. This candidate will deliver cloud architectural guidance and conduct regular security consultancies for the business. The candidate will also regularly collaborate with the business and the wider security organization to address cloud security and compliance challenges and engage in a wide variety of cloud security-related projects and initiatives.
What You'll Contribute
Conducts business level security architecture assessments to evaluate existing security program and cloud application architecture, identify weaknesses and make recommendations.
Assess security threats and risks in order to define and implement appropriate architectural security.
Develops security architecture standards, frameworks and design patterns spanning all layers of security from host, server, mobile, and network to application and data security.
Architects, designs, prioritizes, coordinates, and communicates the security technologies necessary to ensure a highly secure yet usable computing environment.
Contributes to the development and implementation of security technology solutions such as firewalls, load balancers, encryption technologies, WAF, Jenkins, Fortify, Checkmarx, AD, LDAP, Splunk, and secure use of common public cloud offerings such as AWS, GCP, and Azure.
Analyzes business impact and exposure based on emerging security threats, vulnerabilities and risks, and recommends technologies and solutions to mitigate them.
Stays current with security technologies such as cloud platform security, dev-ops security, identity and access products, endpoint security products, network security technology and mobile security technologies and makes recommendations for users based on business value.
Develops security architecture plans that align to enterprise architecture strategy and the company’s business strategy.
What We're Seeking
7 or more years of relevant work experience.
Experience in R&D leadership, IT security architecture, compliance and risk management.
3+ years of experience with standard Cloud technologies.
5+ years of experience with security including architecture or security management, user, platform and device authentication, and various levels of access controls and authorization, enterprise directories and their integration with other systems in a large, complex environment.
Expertise in application development and dev-ops security technologies and integration such as code scanning, FOSS, vulnerability analysis, and security for automated deployments.
Demonstrated knowledge of infrastructure security, including windows, Unix/Linux, desktop/laptop, and mobile security, as well as knowledge on cryptography and PKI.
Demonstrated effectiveness working across multiple business units to achieve results.
Demonstrated ability to think strategically about business, product, and technical challenges.
Experience with a wide range of IT system components including architecture, authentication, connectivity, system hardware and software components, virtualization, cloud computing, and mobile.
Ability to manage relationships with other business units, external vendors and stakeholders when IT security risks are present and system or process changes must be made to mitigate risk.
Working knowledge of IT process modeling to determine risk to corporate systems.
Working knowledge of application security, including Web Services and SOA, as well as Agile and DevOps, Mobile security and mobile development.
Proven understanding of security for structured databases and unstructured data, such as access controls, encryption, monitoring and others.
Experience with enterprise class security products such as Identity Management and Single Sign On.
Experience within the transformation of traditional data center security measures into industry adopted cloud technologies like Amazon Web Services, GPC, Azure, etc.
Proven ability to work with compliance frameworks and requirements such as PCI, HIPAA, GDPR, SOX etc.
Demonstrated knowledge on threat landscape, security threat and vulnerability management, and security monitoring and analytics.
Even better if you have:
CISSP, CISM, GSEC or AWS Certified Architect.
Our Offer to You