Security Architect

Must Haves:

• 5 years of experience in security architecture, application architecture, or similar, demonstrating solutions delivery.
• Must have an application security background/app dev background.
• Experience designing and implementing DevSecOps solutions or similar. This includes continuous monitoring and making improvements to those solutions and working with an information security team.
• Experience consulting and engineering in the development and design of security best practices and implementation of solid security principles across the organization, to meet business goals along with customer and regulatory requirements.
• Security considerations of cloud computing: This includes data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss, and DoS attacks.
• Experience in development languages such as Java, C#, JavaScript, Python, and shell scripting. Front-end development frameworks like Angular or React. Relational and NoSQL database technologies. Version control, including git. Package management using tools similar to Maven, Gradle or npm.

Day to Day:

The Domain Security Architect will be responsible for analyzing current Information Technology (IT) and cybersecurity trends, and developing technology strategies, policies, standards, and roadmaps to provide guidance for technology solutions and planning efforts. Additionally, this candidate will be responsible for providing leadership on product evaluation and implementation as well as supporting cybersecurity risk reduction efforts across the organization. Their primary goal is to provide strategic focus and consistency across the enterprise to protect company information and technology assets.

• Collaborate with IT Project teams to determine EIS/Security requirements and design. This includes (but is not limited to) SOX, PCI, DevSecOps, and Cybersecurity Risks
• Collaborate with application development and architecture teams to define, author, train and implement standards specific to secure application development. This includes items such as: Static Code Analysis, Dynamic Code Analysis and Software Composition Analysis
• Collaborate with application development and network teams to: define, implement and troubleshoot Web Application Firewall
• Assist with engineering activities as needed
• Provide assistance with the development/maintenance of IT Policies
• Coordinate with the CRC Team Manager to develop and maintain the CRC technical roadmap of products and projects
• Other duties and responsibilities as assigned