Security Architecture Manager - Cloud Standards

Employment Type

: Full-Time

Industry

: Miscellaneous



Position Summary:

Information Security (IS) group is looking for a Security Architecture Manager as a direct report to the Director of Information Security. In this role, the candidate will provide technical leadership, subject matter expertise and direction on complex projects/initiatives for their assigned area(s) of responsibility. This position will function as a technology leader in the architecture design, planning, and delivery of enterprise-class security systems both on premise and in the cloud. 

We are seeking strong, self-motivated candidates with a proven track record of understanding security controls, and working across an organization to implement and validate controls.  

Qualifications Required:

  • Five or more years' experience in: 
    • Designing and implementing cloud security solutions 
    • Providing consulting to business partners to influence security best practices and establish solid security principles across the organization
    • Meeting business goals along with customer and/or regulatory security-related requirements
  • Strong understanding of security principles for cloud and on premise systems in at least one of the following: network/infrastructure, mainframe, servers, mobile, system configuration 
  • Experience with automation, orchestration and Infrastructure as code using tools like Puppet, AWS CloudFormation, and Terraform
  • Knowledge of securing development pipelines such as automated code scanning tools and API management
  • Experience with securing containers including container management solutions such as Kubernetes, and OpenShift 
  • Experience with managing enterprise grade cloud security solutions such as Cloud Access Security Brokers (CASB)
  • Knowledge of security defenses against data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and Denial of Service attacks
  • Ability to provide direction and guidance at all levels of the organization on architectural use cases and requirements
  • Ability to contextualize security issues and business risks both verbally and in writing
  • Bachelor's degree in engineering, computer science, or a related field with a minimum of 8 years of experience in technical roles
  • Strong analytical and problem solving skills
  • Strong communication skills and business acumen
  • Knowledge of Security and Industry frameworks such as ISO27001/02, NIST 800-53, SANS Top 20 Critical Security Controls, COBIT, PCI-DSS, and NIST Cybersecurity Framework
  • A combination of relevant industry certifications related to Information Security (e.g. CISSP, CISM), Architecture (e.g. TOGAF, AWS Certified Solutions Architect), and Cloud (e.g. AWS, Google, and Azure including Microsoft 365)

Essential Functions and Responsibilities:

  • Architect, design, and oversee enterprise-class security systems in public clouds such as Amazon Web Services (AWS), and Microsoft Azure 
  • Ensure organizational alignment with the cloud security strategy including integration with tools such as Cloud Access Security Broker (CASB)
  • Coordinate security activities within IS and across the organization such as the Architecture Review Board (ARB), and the Cloud Center of Excellence (CCOE) 
  • Design and document security architecture requirements and building blocks to mitigate threats and risks
  • Collaborate with the development and project teams to ensure cloud security standards, patterns, and best practices are followed
  • Maintaining security architecture documentation and diagrams
  • Gain organizational commitment for security solutions and plans, as well as evaluate and select technologies required to complete those plans
  • Partner with the IS leadership team, and other teams and individuals across the company to advance security standards and guidelines
  • Provide regular updates to stakeholders on any assigned findings, and remediation plans related to cloud security
  • Understand regulations and governmental initiatives, our technology, our environment and systems to ensure security gaps are addressed
  • Lead through influence, effective communication and demonstrated understanding of business and technical requirements
  • Stay up-to-date with current and emerging cloud security topics  
  • Continue self-development of knowledge, skills and abilities to better support execution of the Information Security (IS) function
  • Excel as a 'manager of one' by defining and executing on goals and tasks that are aligned with organizational objectives
  • Other Information Security-related tasks as assigned

Launch your career - Create your profile now!

Create your Profile

Loading some great jobs for you...