We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age national origin, religion, sexual orientation, gender identity, status as a veteran and basis of disability or any other federal, state or local protected class.:
Advance Auto Parts, Inc., a leading automotive aftermarket parts provider in North America, serves both the professional installer and do-it-yourself customers. Advance operates approximately 5,100 stores, 126 Worldpac branches and serves approximately 1,300 independently owned CARQUEST branded stores in the United States, Puerto Rico, the U.S. Virgin Islands and Canada.
Advance Auto Parts-AAP is looking for a Cloud Security Architect to join their team in either Raleigh, NC or Roanoke, VA. The Cloud Security Architect leads the design and development of innovative security architectures for protecting cloud workloads and data deployed into different types of cloud and cloud/hybrid systems. This position contributes to the overall enterprise cloud architecture and leads the security vision and strategy around cloud-based applications across all types (including Infrastructure, Platform and Software as a Service (IaaS/PaaS/SaaS). The Cloud Security Architect will serve as the central point of contact for Corporate Information Security and othertechnology teams within Advance Auto Parts for all matters related to cloud security.
The Cloud Security Architect will:
- Design cloud-native architectures and patterns that will allow those requirements to be met with a minimal degree of risk to AAP and with appropriate security controls.
- Act as the technical representative for Corporate Information Security while engaging with other technical leaders throughout AAP in design and implementation of cloud and cloud/hybrid based implementations and solutions.
- Work with other technical organizations to choose appropriate technology solutions and facilitates complete integration in the enterprise environments.
- Develop applicable security standards in partnership with other teams.
- Identify, recommend, coordinate and conduct informal/formal sessions to deliver timely knowledge to various teams regarding technologies, processes or tools.
- Develop and coordinate strategies to increase Cloud Security knowledge throughout AAP, as well as developing and mentoring more junior staff.
The Cloud Security Architect should possess some or all of the following qualifications:
- Cloud Security and Architecture related certification (Amazon AWS Certified Solutions Architect preferred)
- One or more SANS GIAC certifications preferred
- Common and industry standard cloud-native / cloud-friendly authentication mechanisms (OAuth, OpenID, etc.).
- Service-oriented architecture for cloud-based services.
- Cloud security and governance tools, cloud access security brokers (CASBs) and server virtualization technologies.
- Enterprise applications architectures.
- Possess a firm understanding of the offerings within both Amazon Web Services (AWS) and Microsoft Azure platforms.
- Architecting solutions within Microsoft Azure, Amazon Web Services (AWS) and, preferably, other cloud Providers
- Assessment, development and implementation, operationalization and documentation of a comprehensive set of securitytechnologies and processes (Secure software development [application security], data protection, cryptography, key management, identity and access management (AIM), networksecurity, within SaaS, IaaS, PaaS, and other cloud environments
- Exceptional communications skills with diverse audiences
- Strong critical thinking and analytical skills
- Ability to promote and champion the importance of information security to business partners to address perceived business risks
- Ability to understand and communicate that security is not a cost, but a business enabler, helping to achieve business objectives
- Ability to listen and learn
- Lead diplomatically
Required Technical and Professional Experience:
- 10+ years of experience in Information Security; or equivalent combination of education and experience
- 8+ years of practical experience in IT field is required
- 5+ years of direct information securityarchitectureexperience
- 2+ years of Cloud technical environment experience
- Experience with deployment orchestration, automation and security configuration management
- Security industry certifications including but not limited to Certified Information Systems Security Professional-CISSP, Certified Information Security Manager-CISM, etc.
Preferred Technical and Professional Experience:
- Architecture of mobile platforms, solutions, integrated with cloud-based services
- Detailed understanding of SSL/TLS protocols and certificate-based solutions
- Bachelor’s degree in Computer Science, Cybersecurity, or equivalent experience and knowledge in a related field of study