Security Architect

Description

Develops, reviews, edits, and provides recommendations for new and existing security architecture design artifacts such as reference and solution architectures along with framework mapping to NIST, CIS, ISO etc.
Provides security architecture guidance to internal customers and security teams for larger and more significant engagements.
Subject matter expert in at least one security domain such as IAM, Application Security and/or Data Protection in addition to Cloud Security
Support development of security patterns
Assist with development and documentation of security architecture framework and defining security requirements for emerging technology/ platforms and applications.
Maintain and update inventory of security tools/capabilities and mapping to internal controls & threat library/ framework.
Conduct and facilitate security reviews, threat modelling and design reviews through the development lifecycle.
Develops and recommends security designs and frameworks for technology systems by defining process and architecture.
Participates on projects and recommends secure solutions based on policies, standards and best practices.
Provides Information Security subject matter expertise in various risk assessments.
Ensuring the security of cloud-based data and applications against unauthorized access, theft, and other threats
Provides subject matter expertise for customer-initiated reviews of business security practices.
Work closely with other Solution/Enterprise Architects to align the security requirements and the solution design with the customers’ business drivers and demonstrate unique value.
Performs other related duties as assigned.
Participate in customer conversations to define the security requirements and overall technical architecture for data and related solutions.

Responsibilities

• Bachelor's degree in computer science, information security, or a related field (master’s degree preferred)
• 10+ years of hands-on technical experience in Information security with a focus on Security Architecture, Vulnerability management, Secure development lifecycle and/or Security Operations/Engineering
• 5+ years of Cloud Security experience across Data, Application, IAM and Infrastructure domains (on multi-cloud such as AWS, Azure)
• Industry certifications such as CISSP, CISM, or CISA highly desired
• AWS Security and/or Azure Security certifications preferred
• Familiarity with major security frameworks & standards such as NIST, ISO, PCI, and FedRAMP
• Experience with Big-Data security/ analytics, Application Security and/or IAM required.
• Experience in data governance and data security best practices preferred
• Understanding of data security frameworks, data quality frameworks, metadata management & data catalogs and data governance
• Thorough understanding of modernizing data technology and information architecture on cloud
• Experience with cloud-native security tools and technologies (e.g., SIEM, CNAPP, CSPM, runtime monitoring)
• Experience with DevOps and CI/CD tooling
• Knowledge/ experience with containers/microservices
• Knowledge of the enterprise information technology (IT) architectural concepts and security patterns (e.g., baseline, validated design, and target architectures)
• Ability to design security architectures/ develop patterns and frameworks.
• Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
• Knowledge of integration and optimization of cyber security tools/ capabilities
• Understanding of industry trends for cybersecurity risk & threat intelligence, and governance
• Strong analytical and problem-solving abilities
• Advise stakeholders and translate business requirements into secure, scalable, and reliable cloud solutions.
• Excellent communication and collaboration skills
• A growth mindset and willingness to learn & continuously improve.