Reporting to the Chief Information Security Architect in Security Consulting, Research and Architecture department. The Security Architect (Public Cloud) leads the design and development of innovative securityarchitectures for protecting data deployed into different types of cloud and hybrid systems.
This position will directly contribute to the overall global enterprise cloud architecture and lead the security vision and strategy around cloud-based applications, across all types, including Infrastructure, Platforms, and Software as a Service (IaaS/PaaS/SaaS).
• Analyze and design security solutions for applications and infrastructure, and provide expertise and consulting to clients;
• Identify and document information security risks and propose mitigating controls;
• Understand complex business IT needs, requirements, and projects scopes, with a focus on information security requirements;
• Collaborate with enterprise and regional architecture teams on architecture strategy, roadmaps, standards, and governance;
• Author project and support documentation and diagrams;
• Ensure Agile and Lean best practices are applied to software development and security architecture design;
• When a part of a Scrum team, you will work with the Product owner, deliver on Product backlogs, participate in daily scrums, sprint planning, review and retrospective etc.
• 8+ years Security Architecture experience in creating and managing enterprise security architectures and solutions;
• Direct deployment (not just conceptualization) experience on Amazon Web Services/EC2/S3, Google Cloud Platform, Microsoft Azure; 3+ years desirable;
• Experience of at least 3 public cloud implementations (Start-up, Financial or SaaS firm experience is preferred);
• Demonstrated knowledge of information technology security, trends, leading practices, regulatory and industry standard compliance issues (PCI, SOX, CSA, PCI, NIST, ISO, IEEE, TCG etc.);
• Experience with secure software development lifecycle, data protection, cryptography/key management, identity and access management (IAM), network security;
• Working knowledge of common and industry standard cloud-native/cloud-friendly authentication/authorization mechanisms (OAuth, OpenID, SAML etc.) and key management/secret vaulting solutions, including HSM (Thales, Gemalto SafeNet etc.)
• Excellent analytical, problem-solving, organizational and multi-tasking abilities;
• Self-initiated, fast learner with a positive attitude;
• Strong interpersonal, technical leadership and influencing skills are essential;
• Is a true team player who values the perspectives and opinions of others.
• Takes accountability for results and exhibits a “can do attitude”.
• Has an appetite to challenge the status quo, tackle difficult problems and seek/give constant feedback.
• Embraces change as an essential driver to solve complex issues.
• Demonstrates flexibility and is able to move forward without having all of the answers.
• Consistently seeks to understand, meet and deliver on customers’ expectations.
• Worked in Agile delivery teams and environment;
• Worked on large scale cloud based services deployment (including SaaS, PaaS, IaaS) and understand security challenges involved in deploying Cloud Applications and server virtualization/container orchestration technologies;
• Implemented cloud security and governance tools, cloud access security brokers (CASBs);
• Facilitated the new generation of development and operations technologies and processes: e.g. DevSecOps, Automation and Analytics: experience with deployment orchestration, automation, and security configuration management (Jenkins, Puppet, Chef, etc.);
• Created and maintained security policies and procedures, managing the protection of information systems and assets;
• Performed threat modeling and design reviews assessing security implications and requirements introducing new technologies;
• Performed security design/architecture reviews, code reviews, and penetration tests of large applications, systems and/or networks;
• University degree in Computer Science or related field and 15+ years of related work experience;
• CCSP (Certified Cloud Security Professional) and/or other security certifications, such as CISSP, CISA, CRISC, and CISM;
• Experience with Open SecurityArchitecture (OSA), The Open Group Architecture Framework (TOGAF), Sherwood Applied Business SecurityArchitecture (SABSA) etc. - with relevant certifications
Requisition ID: 21302