Security Architect

Job Description:

• As a Security Architect within Platform Security youll collaborate with various security teams.
• Identify security requirements and approved patterns across different security teams.
• Consolidate them into a unified security architecture with standard patterns.
• Develop new security patterns as necessary.
• Collaborate with the Enterprise Architect to integrate security architecture and patterns into the enterprise program.
• Aid in constructing a security architecture framework and mapping tools/capabilities to controls and threat library.
• Evaluate both external and internal threats for the organization.
• Maintain and update security tools and capabilities based on organizational changes and new threats.
• Assist with security architecture reviews for emerging technologies platforms and applications.
• Offer technical recommendations to mitigate risks and threats.

Responsibilities:

• Develop review edit and recommend security architecture design artifacts such as reference architectures and framework mapping to NIST CIS ISO etc.
• Provide security architecture guidance to internal customers and security teams for significant engagements.
• Act as a subject matter expert in at least one security domain like IAM Application Security Data Protection and Cloud Security.
• Support the development of security patterns.
• Assist in developing and documenting security architecture frameworks and defining security requirements for emerging technologies/platforms/applications.
• Maintain and update inventory of security tools/capabilities and map them to internal controls threat library/framework.
• Conduct security reviews threat modeling and design reviews throughout the development lifecycle.
• Develop and recommend security designs and frameworks for technology systems by defining processes and architecture.
• Participate in projects and recommend secure solutions based on policies standards and best practices.
• Provide Information Security subject matter expertise in various risk assessments.
• Ensure the security of cloudbased data and applications against unauthorized access theft and other threats.
• Offer subject matter expertise for customerinitiated reviews of business security practices.
• Collaborate closely with other Solution/Enterprise Architects to align security requirements and solution design with customer business drivers and demonstrate unique value.
• Participate in customer conversations to define security requirements and overall technical architecture for data and related solutions.

Qualifications & Skills:

• Hold a Bachelors degree in computer science information security or a related field (masters degree preferred).
• Have 10 years of handson technical experience in Information security focusing on Security Architecture Vulnerability management Secure development lifecycle and/or Security Operations/Engineering.
• Possess 5 years of Cloud Security experience across Data Application IAM and Infrastructure domains (on multicloud such as AWS Azure).
• Hold industry certifications such as CISSP CISM or CISA with AWS Security and/or Azure Security certifications preferred.
• Be familiar with major security frameworks & standards such as NIST ISO PCI and FedRAMP.
• Have experience with BigData security/analytics Application Security and/or IAM.
• Understand data governance and data security best practices.
• Have knowledge of data security frameworks data quality frameworks metadata management & data catalogs and data governance.
• Understand modernizing data technology and information architecture on the cloud.
• Have experience with cloudnative security tools and technologies (e.g. SIEM CNAPP CSPM runtime monitoring).
• Be familiar with DevOps and CI/CD tooling.
• Have knowledge/experience with containers/microservices.
• Understand enterprise IT architectural concepts and security patterns (e.g. baseline validated design and target architectures).
• Possess the ability to design security architectures/develop patterns and frameworks.
• Have skill in determining how a security system should work and how changes in conditions operations or the environment will affect outcomes.
• Understand the integration and optimization of cybersecurity tools/capabilities.
• Be familiar with industry trends for cybersecurity risk & threat intelligence and governance.
• Have strong analytical and problemsolving abilities.
• Be able to advise stakeholders and translate business requirements into secure scalable and reliable cloud solutions.
• Possess excellent communication and collaboration skills.
• Have a growth mindset and willingness to learn and continuously improve.