Career Techniques
Information Security Architect
Career Techniques, Dallas, Texas, United States, 75215
*In-Office 5 days/week*The Information Security team is responsible for the oversight and execution of the Enterprise’s Information Security, Business Continuity and Risk Management programs to support our business goals. This includes, but is not limited to security operations, vulnerability and patch management, incident response, disaster recovery, business continuity, risk identification and mitigation planning/implementation, identity management, network security, privacy, and compliance.The position of Security Architect will report directly to the Chief Information Security Officer and is responsible for designing, deploying, and overseeing the management of Enterprise-wide security tooling and executing against the company’s Information Security and Compliance roadmap. In addition, this resource will serve as a technical Security Subject Matter Expert providing architecture review and guidance across all technology projects. Working closely with technology partners, he or she will also guide the selection, implementation, and integration of various security solutions.Responsibilities:
Design and implement robust security architectures for multi-cloud + data center environmentsOversee and directly participate in the installation, configuration, and management of information security technologiesCreation and maintenance of tactical and strategic roadmaps for all technical security solutionsRemediation of identified risk, compliance, or other security gaps via technical solutions and controlsManage security tooling in the domains of network security, identity and access management, continuous monitoring, vulnerability and cloud security posture management, asset management, and other cybersecurity tooling/solutionsDevelop automations that drive security remediation and outcomesWork with developers to implement DevSecOps solutions and design and implement a security focused SDLC through the:Integration of security tools and practices into CI/CD pipelines.Automation of security checks and compliance validation using IaC tools (e.g., Terraform).Implementation of automated incident response playbooks.Configure, troubleshoot and maintain security infrastructure software and hardwareIdentify, define and document system security requirements and recommend solutions to managementOversight of the organization’s Architecture Review Board to drive forward Enterprise standards and security principles across all initiativesServe as trusted advisor to all technology team members regarding building security into their projects/productsKeep current on industry trends and the direction our competitors are heading with respect to business capabilities and technology.Perform research, formal evaluation and prototyping of leading/emerging technologies without oversightRequirements and Qualifications:
Bachelor’s degree in Computer Science, Information Security, or a related field.7-10 years of experience in an Infrastructure or Security Architect/Engineering roleExperience with software and security architectures in multi-cloud and data center environmentsAbility to lead an automation first culture, and drive a shift from click-ops to DevSecOps and Infrastructure-as-CodeExperience building and securing Kubernetes environmentsAbility to lead automation efforts leveraging technologies such as TerraformNetworking technology proficiency including the ability to lead network segmentation efforts, implementation of secure remote access, as well as IDS/IPS deployment and tuning.Microsoft 365 (E5), Azure, and AWS background, including experience architecting security across multi-tenant and multi-cloud environmentsExperience in applying security to cloud technologies (managing secrets, Securing CI/CD pipelines, Infrastructure as Code, Container Security)Experience in implementing enterprise-wide vulnerability management solutions, including container-based vulnerability management.Possession of or ability to obtain professional certifications in information security or risk management, such as a CISSP, CISM, or Microsoft/Azure Security CertificationsStrong knowledge of security, regulatory, and control frameworks, such as ISO270001, HIPAA, GDPR, NIST, and CIS.Self-starter who demonstrates strong ownership of their domainInterpersonal and collaborative skills and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.High level of personal integrity, and the ability to professionally handle confidential matters.Natural passion for security and strong drive to see both projects and investigations to completion.
#J-18808-Ljbffr
Design and implement robust security architectures for multi-cloud + data center environmentsOversee and directly participate in the installation, configuration, and management of information security technologiesCreation and maintenance of tactical and strategic roadmaps for all technical security solutionsRemediation of identified risk, compliance, or other security gaps via technical solutions and controlsManage security tooling in the domains of network security, identity and access management, continuous monitoring, vulnerability and cloud security posture management, asset management, and other cybersecurity tooling/solutionsDevelop automations that drive security remediation and outcomesWork with developers to implement DevSecOps solutions and design and implement a security focused SDLC through the:Integration of security tools and practices into CI/CD pipelines.Automation of security checks and compliance validation using IaC tools (e.g., Terraform).Implementation of automated incident response playbooks.Configure, troubleshoot and maintain security infrastructure software and hardwareIdentify, define and document system security requirements and recommend solutions to managementOversight of the organization’s Architecture Review Board to drive forward Enterprise standards and security principles across all initiativesServe as trusted advisor to all technology team members regarding building security into their projects/productsKeep current on industry trends and the direction our competitors are heading with respect to business capabilities and technology.Perform research, formal evaluation and prototyping of leading/emerging technologies without oversightRequirements and Qualifications:
Bachelor’s degree in Computer Science, Information Security, or a related field.7-10 years of experience in an Infrastructure or Security Architect/Engineering roleExperience with software and security architectures in multi-cloud and data center environmentsAbility to lead an automation first culture, and drive a shift from click-ops to DevSecOps and Infrastructure-as-CodeExperience building and securing Kubernetes environmentsAbility to lead automation efforts leveraging technologies such as TerraformNetworking technology proficiency including the ability to lead network segmentation efforts, implementation of secure remote access, as well as IDS/IPS deployment and tuning.Microsoft 365 (E5), Azure, and AWS background, including experience architecting security across multi-tenant and multi-cloud environmentsExperience in applying security to cloud technologies (managing secrets, Securing CI/CD pipelines, Infrastructure as Code, Container Security)Experience in implementing enterprise-wide vulnerability management solutions, including container-based vulnerability management.Possession of or ability to obtain professional certifications in information security or risk management, such as a CISSP, CISM, or Microsoft/Azure Security CertificationsStrong knowledge of security, regulatory, and control frameworks, such as ISO270001, HIPAA, GDPR, NIST, and CIS.Self-starter who demonstrates strong ownership of their domainInterpersonal and collaborative skills and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.High level of personal integrity, and the ability to professionally handle confidential matters.Natural passion for security and strong drive to see both projects and investigations to completion.
#J-18808-Ljbffr