Senior Security Architect
The Senior Security Architect will be a member of the Security & Privacy team with a focus on gathering and evaluating requirements along with owning the architectural design of selected security technologies. You leverage your in-depth knowledge in both offensive & defensive security trends, your ability to discern IT landscape compatibility & dependency challenges, and your hands-on experiences with a diverse range of security technologies to drive maximum business value out of technological investment. You maintain expert familiarity with security standards and operational best practices, as well as trends in technological advancement (e.g. SaaS, CASB, predictive data analytics) to provide trusted architectural designs. The person in this role will collaborate with business units and corporate partners to ensure the validity of the IT technological solution and the fulfillment of various sets of requirements. You will drive the design and configuration of security technologies to support the integration with and the improvement of the existing environment. Example daily activities include but are not limited to the following:
Interact with data, process, application, and platform owners to map out security requirements.
Research, tailor, set-up, and document security technology operational models: including architectural design, technology configurations, as well as associated processes & procedures.
Propose and drive the implementation of security architecture roadmap.
Support the operations. Tuning, and on-going maintenance of deployed security technologies.
Support other Infrastructure Security and other Security & Governance initiatives within Varian Medical Systems.
Responsibilities include, but are not limited to:
Provide Level 5 engineering support for security technologies, focusing on the design, 3rd party integration, internal landscape fitness evaluation, advanced troubleshooting, and best-practice management consultation.
Provide leadership of matrix teams in developing Security Reference Architecture.
Perform in-depth research on security technologies to improve operations and overall Varian objectives.
Initiate and support the discussions with stakeholders from IT, Audit, Regulatory Compliance, and other business units to identify & consolidate requirements; derive security services, road-map and formalize new security initiatives; leverage results to lead and drive annual planning in multiple organizations (e.g. Enterprise Application, Infrastructure, R&D) from the security perspective.
Act as the Security SME to lead cross-functional task force to drive the creation and implementation of security technology solution meeting Varian business objectives.
Guide and review the development of operational processes & procedures and KB articles of security technologies.
Participate and assume leadership as appropriate in regular cadences with other infrastructure & application architects.
Lead the development and maintenance of IT Security policies, procedures, and technical standards; implement periodic reviews.
Maintain complete confidentiality of company and customer intelligence acquired at job.
• Strong sense of ownership, urgency, and drive.
• Ability to influence others.
• Excellent written and oral communication skills; sharp analytical abilities.
• Knowledge and understanding across a wide breadth of technology domains, with the ability to quickly assimilate the inter-relationships various disciplines.
• Demonstrated expertise in enterprise security architecture, including: securing service oriented architecture (SOA); network security; application security; cloud computing (SaaS/PaaS/IaaS) in AWS or Azure; network infrastructure and web services, IAM, cryptography
• Deep expertise in architecture strategy and implementation and ability to utilize recognized security methodologies (e.g. ITIL, NIST, COBIT, ISO).
• Minimum of 8 years’ experiences in Information Technology or Information Security.
• 5 years demonstrated experience as an SME in IT enterprise or security architecture.
• Minimum of 2 years’ in one or more of the following: multi-vendor application firewalls, IDS/IPS, wireless, SSL & IPSEC VPN, SSO, Multi-factor authentication, database technologies, encryption technologies, endpoint and cloud security.
• BS degree in Computer Science, MIS, Computer Engineering, Electrical Engineering, Information Security, or equivalent work experience.
Preferred Basic Qualifications:
• Minimum of 2 years’ experience in scripting or programming experience in PowerShell, Ruby, Python, Shell/BASH scripting, Java, C/C++, C*, Perl, or other languages.
• Security related certifications such as CISSP-ISSAP, OSCP, GIAC, GCIH, GCFA, GCIA, GPEN, GNFA, GCUX, CEH.
• Expert level understanding in one core area of Information Security.
• Experience in enterprise-wide deployment of security technologies
Auto req ID 12371BR