Senior Information Security Architect
JDA is seeking a Senior Information Security Architect to lead planning, design, implementation and support of cloud security in its global corporate infrastructure. This position is reporting to the Security and Compliance Director, and is a thought leadership position responsible for enhancing the maturity of JDA’s security program. The Senior Information Security Architect will assist in protecting JDA’s customer and associate data by determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures; and mentoring team members. The person hired in this position will work with global IT, cloud services and product development groups in a combined effort to maximize the security of all information systems.
- Define and participate in implementation of Cloud architecture and security controls.
- Engage and advise IT team and business functions.
- Capture and refine security requirements and ensure their integration into enterprise architecture.
- Plan security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards.
- Implement security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing documentation.
- Verify security systems by developing and implementing test scripts.
- Maintain security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.
- Upgrade security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements.
- Assist in coordinating contingency plan tests on a regular basis.
- Participate in and assist with incident response team, as appropriate
- Prepare system security reports by collecting, analyzing, and summarizing data and trends.
- Update job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
- Enhance department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments.
- Support assessment of our security by our customers, internal, and external auditors
- Support IT and other areas of the organization by answering technical and procedural questions
- Mentor and partner with other team members
- Deep and diverse experience architecting and implementing Cloud environment designs.
- Expert in network security, system security and endpoint security.
- Education and experience in public cloud infrastructure such as Microsoft, Google, AWS, or IBM.
- Proven ability to serve as an effective advisor to the senior leadership team
- Demonstrated expertise in leading security planning efforts and interacting effectively with customers, auditors, vendors, and key stakeholders.
- Familiarity with security frameworks and regulatory requirements such as NIST, ISO 27001/2, and SSAE-18.
- Practical experience with the development, implementation, and management of security related technologies (ie, SIEM, WAF, AV, Firewalls, Internet-facing services)
- Excellent customer service including strong written and oral communication skills
- 10+ years of security technology experience
- Bachelors degree in Information Security or related industry experience
- Certified Information Systems Security Professional (CISSP)
- Cloud certification such as CCSP or CCP is highly desired.
- Demonstrated ability to model professional integrity and behavior in a multicultural environment.
Facilitation and team-building skills at all levels including the ability to influence, train, mentor and leverage the skills of others, including business partners and international technical team members.