About Position
Security Architect (Contract)
$86.00 / Hourly
Northbrook, Illinois, United States
Security Architect
Contract Northbrook, Illinois, United States Posted 1 year ago
Skills
Bachelor's degree in computer science cybersecurity or related field. Experience designing and implementing secure cloud architectures. Strong knowledge of cloud service models (IaaS PaaS SaaS) and cloud security best practices. Familiarity with security and compliance frameworks (e.g. NIST CIS ISO 27001/2 SOC 2 HIPAA GDPR). Strong analytical and problem-solving skills. Good communication skills and ability to work collaboratively with other IT teams. Relevant cloud security certifications (e.g. AWS Certified Security – Specialty Azure Security Engineer Certified Cloud Security Professional (CCSP) etc.) are highly desirable.Description
Maintain Live Services Risk assessment document and establish governance model
Conduct meetings with key stakeholders regarding architectural discussions related to security and document decisions, including follow up on action items
Coordinate PenTest and mitigation/remediation discussions for the customer facing SaaS software products
Manage vulnerability scan program and mitigation/remediation discussions for the customer facing SaaS software products
Participate in software development architectural meetings to represent Live Services for the Infrastructure and Data security
Represent Live Services group and participate in Enterprise level policy creation and governance around cloud security (Azure, AWS, GCP, etc.)
Represent Live Services group and be a member of Enterprise architecture group for the Infrastructure and Data security, including cloud environments
Represent Live Services and be an active voting member for the change management around policy implementations in the cloud infrastructure
Participate in M&A due diligence activities to cover Live Services responsibilities, including creation and completion of the integration plan
Develop and execute tactical plan for the standardization of security tools and processes within Live Services group
Influence Business stakeholders and software development teams for the implementation of best practices around secure data transfer and storage (covered in software code vs external processes)
Conduct quarterly internal audits to ensure RBAC (role-based access control) is maintained within Software Engineering group
Conduct discussions and support implementation of the principles of least privileged
Participate and represent Live Services group in external and internal audits such as SOC2 Type, ISO27001, FDA CFR21 Part 11, TISAX, etc. for the customer facing SaaS software products
Influence other team members within Live Services group to gain technical knowledge and skills around Data security, integrity, and availability
Member of Live Services leadership team to represent Security domain and drive culture of security first
May need to represent UL Solutions in external events such as seminars/webinars
Work closely with Application Security team in establishing and implementation of the guiding principles around Application security
May need to participate in forensic analysis and research in the event of a cyber threat or incident
Monitor external cyber incidents/news and support implementation of the Endpoint detection and response program
Monitor SIEM solution for the trend analysis and action plan within the boundaries of Live Services group
Training teams that need assistance with security policy implementation on their respective products.
Secure Code Reviews review code when requested/needed
Perform Threat Modelling with the teams to ensure systems and features are designed in a secure manner
Review CI/CD Pipelines to ensure security is implemented correctly in each team.
Lead the Security Champions program making sure champions have the support they need for their applications
Conduct Offensive Security scans and report vulnerability issues when needed.
Create yearly training schedule for application security training.
Designing and implementing secure cloud architectures that meet business and compliance requirements
Participate in developing security policies, standards, and procedures for cloud environments.
Collaborating with other IT teams to ensure that security controls are integrated into cloud-based applications and infrastructure
Evaluating new security technologies and recommending solutions that improve the security of cloud-based systems
Monitoring and responding to security incidents and alerts in cloud environments
By applying to a job using PingJob.com you are agreeing to comply with and be subject to the PingJob.com Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.
