Your role as a member of the security architecture team is to protect Qualcomm from compromises such as data breaches, hacking attempts, targeted and insider threats, and other forms of cyberattacks.
Your primary responsibilities will be:
designing, analyzing, and validating architectural solutions and implementations, creating secure architectural patterns for both enterprise and cloud environments, and helping to find and highlight opportunities for broad or systemic improvements. You will be a security evangelist, driving company-wide environment hardening initiatives and representing the information security group throughout Qualcomm.
We are a collaborative team
that is always learning, sharing, and researching. You will work with specialists and generalists across information security domains regularly, with a focus oncross-training with our red and blue teams. You must have broad expertise in Information Security or related fields, strong technical writing, analytical, and interpersonal skills, and the ability to learn and grow in a rapidly evolving environment.
While we are looking for people
who have all of the skillsets outlined in this posting, we also recognize that this is very rare. So, if you can learn these things, and you have a desire to dig in to areas you havent explored yet, this is the position for you.
- Partner with IT and business units to conduct security assessments, address findings, and validate adherence to security guidance
- Evangelize security within Qualcomm and drive company-wide environment hardening initiatives
- Provide security recommendations on existing and new application, system, and network architectures
- Establish alternative security measures to allow for business continuity while protecting the company's assets
- Develop and advice on best practices around cloud platforms
- Track data security findings to closure in a timely manner by partnering with business units, communicating solutions, and verifying remediation
- Perform risk analysis for corporate functional & technical areas and 3rd party providers relevant to data security
- Act as a mentor and provide guidance and technical leadership to other staff members
All Qualcomm employees are expected to actively support diversity on their teams, and in the Company.MinimumQualifications
- Bachelor's degree in Information Systems, Engineering, Computer Science, Mathematics or related field
- 4+ years experience in IT, Cyber Security, or related area
- 2+ years experience with Programming Language such as C, C++, Java, etc.
- 1+ years experience with network monitoring software such as Nagios, Wireshark, Snort, etc.
- 2+ years experience in software and/or application testing (e.g., creating test cases and prototype environments, QA, software or application testing)
- Common operating systems and business application platforms including an understanding of their enterprise architecture and integration patterns 5+ years of experience cyber security experience in the following areas:
- Experience and foundational understanding of Networking, Web app, Cryptography fundamentals, OS Hardening, Authentication and Authorization, Basic scripting and automating capabilities 2+ years developing and/or assessing IT architectural designs
- Advanced IAM concepts such as federation, FIDO, and Active Directory internals
- Experience with major enterprise mergers, acquisitions, and integrations
- Hands-on experience with major cloud environments (AWS, Azure, etc.)
- Best-practices and considerations around software containerization platforms such as Docker
- Understanding of configuration management concepts and solutions
- Experience with database fundamentals and security best practices
- Familiarity with security frameworks such as OWASP, NIST CSF, etc.
- Current programming skills in Python, Powershell, .NET, Java, C, or C++
- Offensive skillsets (network/app exploitation, privesc, etc)
- 1+ years leadership role in projects or programs
Required: Bachelor's, Computer Science or equivalent experience
Preferred: Master's, Computer Science or equivalent experience
Preference given to candidates with applicable certifications from organizations such as Offensive Security, SANS, etc.