CloudFlare
Security Architect (Apps/Software)
CloudFlare, San Francisco, California, United States, 94199
Available Locations:
Lisbon, Portugal, Mexico City, Mexico, Washington, DC, or Remote US
About the role
As an Enterprise Security Architect, you will play a key role in effectively designing defensible network architectures, builds & configurations, security platforms and automation, assisting in secure tool and product development, and establishing security standards and guidelines across the enterprise. This role will lead security project work with technology peers for successful delivery and coach technology staff on appropriate security standards, processes, protocols, and needs as they implement new technology into the organization.
What You’ll Do
Design complex security solutions.
Lead projects to implement secure enterprise systems and identify issues that could compromise data integrity or security.
Develop security policies, procedures, and guidelines; recommend necessary changes to ensure compliance with regulatory requirements and privacy laws.
Create and implement enterprise security architecture models.
Utilize open communication and managerial courage to ensure standards, expectations, and goals are respected and upheld.
Advise engineering and development teams on security best practices and design.
Lead security-related projects from inception to successful completion and coach technology staff on appropriate security protocols.
Analyze complex issues where evaluation of situations or data requires in-depth analysis of variable factors.
Determine methods and procedures on new assignments and coordinate activities of other personnel.
Use professional concepts and company objectives to resolve complex issues creatively and effectively.
Ensure the organization's security strategy aligns with business goals.
Examples of Desirable Skills, Knowledge, and Experience
10+ years of experience in an IT/Security related field, with 5 years as a security architect.
In-depth understanding of security concepts.
Ability to align business, engineering, IT, and security processes, and implement solutions to complex objectives.
Able to anticipate challenges and steer the company towards growth.
In-depth knowledge of:
Analyzing and fixing software errors, designing new programs, and providing support to existing applications.
Integrating application security into the overall design and architecture rather than during testing.
Secure Software Development Lifecycle Requirements, including:
Using a secure software development lifecycle at all stages.
Identifying threats, facilitating risk responses, planning countermeasures, and guiding security testing during sprint planning or design changes with threat modeling.
Ensuring all user stories and features include functional security constraints.
Verifying justification and documentation of all application components, trust boundaries, and significant data flows.
Defining high-level architecture and verifying security analysis of each remote service connected.
Implementing centralized, reusable, secure, simply designed, and vetted security controls.
Ensuring security requirements, guidelines, coding checklists, or policies are available to all developers and testers.
Access Control Architectural Requirements.
Input and Output Architectural Requirements.
Cryptographic Architecture Standards.
Errors, Logging, and Auditing Architecture.
Communications Architecture.
Business Logic Architecture.
Malicious Software Architecture.
#J-18808-Ljbffr
Lisbon, Portugal, Mexico City, Mexico, Washington, DC, or Remote US
About the role
As an Enterprise Security Architect, you will play a key role in effectively designing defensible network architectures, builds & configurations, security platforms and automation, assisting in secure tool and product development, and establishing security standards and guidelines across the enterprise. This role will lead security project work with technology peers for successful delivery and coach technology staff on appropriate security standards, processes, protocols, and needs as they implement new technology into the organization.
What You’ll Do
Design complex security solutions.
Lead projects to implement secure enterprise systems and identify issues that could compromise data integrity or security.
Develop security policies, procedures, and guidelines; recommend necessary changes to ensure compliance with regulatory requirements and privacy laws.
Create and implement enterprise security architecture models.
Utilize open communication and managerial courage to ensure standards, expectations, and goals are respected and upheld.
Advise engineering and development teams on security best practices and design.
Lead security-related projects from inception to successful completion and coach technology staff on appropriate security protocols.
Analyze complex issues where evaluation of situations or data requires in-depth analysis of variable factors.
Determine methods and procedures on new assignments and coordinate activities of other personnel.
Use professional concepts and company objectives to resolve complex issues creatively and effectively.
Ensure the organization's security strategy aligns with business goals.
Examples of Desirable Skills, Knowledge, and Experience
10+ years of experience in an IT/Security related field, with 5 years as a security architect.
In-depth understanding of security concepts.
Ability to align business, engineering, IT, and security processes, and implement solutions to complex objectives.
Able to anticipate challenges and steer the company towards growth.
In-depth knowledge of:
Analyzing and fixing software errors, designing new programs, and providing support to existing applications.
Integrating application security into the overall design and architecture rather than during testing.
Secure Software Development Lifecycle Requirements, including:
Using a secure software development lifecycle at all stages.
Identifying threats, facilitating risk responses, planning countermeasures, and guiding security testing during sprint planning or design changes with threat modeling.
Ensuring all user stories and features include functional security constraints.
Verifying justification and documentation of all application components, trust boundaries, and significant data flows.
Defining high-level architecture and verifying security analysis of each remote service connected.
Implementing centralized, reusable, secure, simply designed, and vetted security controls.
Ensuring security requirements, guidelines, coding checklists, or policies are available to all developers and testers.
Access Control Architectural Requirements.
Input and Output Architectural Requirements.
Cryptographic Architecture Standards.
Errors, Logging, and Auditing Architecture.
Communications Architecture.
Business Logic Architecture.
Malicious Software Architecture.
#J-18808-Ljbffr