What are the responsibilities and job description for the Principle Security Architect 3 position at Vaco by Highspring?
- Establish a thorough understanding of the organization's technology and IT systems.
- Plan, research, and design security architectures
- Develop, review, and approve the installation requirements for LANs, WANs, VPNs, routers, firewalls, and related network devices
- Design and validate cloud architecture and controls
- Develop project timelines for system upgrades and preparing cost estimates
- Test the final security system and update and upgrade it as needed
- Establish disaster recovery procedures and conduct security breach drills
- Respond quickly and effectively to all security incidents and provide post-event analyses
- Monitor and guide the security team, cultivating a sense of security awareness, and arranging for continuous education
- Remain up to date with the latest security systems, standards, authentication protocols, and products
- Establish overall secure systems & applications architecture and designs based on industry control frameworks, standards and security best practices
- Provide security subject matter expertise on new initiatives to ensure positive security outcomes are delivered, including the early definition of security controls required, definition and implementation of clear secure development design principles
- Evaluate system changes across the organization to assess and document the security risk and impact
- Work with system engineers to understand and implement continuous improvement processes, automation, system upgrades and rollouts
- Continually evaluate systems' security capabilities, risks, and exposure to security threats, documenting risks and offer remediation advice to enhance or apply mitigating controls
- Identify opportunities to standardize and simplify security technology stack by leveraging native cloud capabilities where possible
- Collaborate with the Security Operations team in the assessment of new technologies and products for IT and business solutions
- Participate in the scheduling, testing, and implementing of enhancements or new releases with the security stack
- Partner with teams across IT on active or emerging threats
- Stay informed and tuned to security industry trends, emerging threats, vulnerabilities, & emerging technologies
- Provide leadership on highly complex projects
- Capable of making independent decisions or representing leadership at times.
- Develop, coach, motivate, energize and inspire fellow Flight Safety team members
- Build organizational talent by creating a learning environment that ensures employees realize their highest potential
- Support the budgeting, reporting, forecasting and cost models for security architecture service offerings
- Support the Director - Security Architecture in developing the budget projections based on short- and long- term goals and objectives
- Design and create new security measures for to improve security posture and operations
- Technical understanding of modern application architectures (Containers, Kubernetes, APIs)
- Understanding of CI/CD, IaC, and other processes
- Perform threat modeling to substantiate recommendations and designs
- Oversee secure development practices(code reviews, development strategy/roadmaps, assess risks on current deployed applications)
- Bachelor's Degree or equivalent education in Computer Science, Information Systems, information Security or other Information Technology-related field.
- CISSP or CCSP certification
- Additional certifications (CISA, CISM)
- 7-10 years related experience in technical security architecture and engineering function, including hands-on experience in:
- Secure Systems architecture & design
- Secure application development practices, DevOps, & SDLC
- GDPR, CCPA, NIST 800-53, NIST 800-171, NIST CSF, OWASP, & PCI DSS Controls
- Secure cloud architecture deployments, Azure & AWS
- Agile, waterfall, & hybrid project methodology
- Provide technical security architecture guidance and oversight to ensure increased security architecture maturity
- Articulate issues, risks, and proposed solutions to various levels of staff and management
- Contribute to the development of the security strategy, policy and service delivery objectives and best- practices for the design and delivery of security architecture services
- Develop processes, standards, guidelines and policies for the implementation and maintenance of security architecture principles within projects
- Manage multiple enterprise-wide programs simultaneously
- Proficient knowledge of the organization's mission, values and strategic goals to their work
- Expected to present information in writing, email, PowerPoint and other forms of documentation.
- Expected to work with employees from all areas of IT and maintain a good working relationship with them.
- Proficient with interacting with multiple levels and roles within the organization and shall have the ability to apply different strategies to convince others to change their opinions or plans.
- Regularly report to the Director Security architecture and CISO office using KPIs and other metrics to clearly reflect accomplishments and progress over time
- Demonstrate process-oriented approach with high attention to detail
- Excellent critical-thinking and organizational skills
- Proficient interpersonal skills with the ability to interact professionally with all levels within the organization
- Ability to work successfully with a diverse set of individuals and constituencies, and to be adept at advocating for, recommending and building consensus around suggested improvements
- Ability to work creatively and analytically with others in a problem-solving environment
- Ability to think both strategically and tactically in a high energy, fast paced environment
- Ability to exercise sound judgement, problem solve, and make decisions in complex situations
- Ability to communicate verbally and in writing within all areas and at all levels of the organization
Vaco by Highspring values a diverse workplace and strongly encourages women, people of color, LGBTQ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply.
Vaco by Highspring is an Equal Opportunity Employer and does not discriminate against any employee or applicant for employment because of race (including but not limited to traits historically associated with race such as hair texture and hair style), color, sex (includes pregnancy or related conditions), religion or creed, national origin, citizenship, age, disability, status as a veteran, union membership, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, political affiliation, or any other protected characteristics as required by federal, state or local law.
Vaco by Highspring and its parents, affiliates, and subsidiaries are committed to the full inclusion of all qualified individuals. As part of this commitment, Vaco by Highspring and its parents, affiliates, and subsidiaries will ensure that persons with disabilities are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact HR@vaco.com .
Vaco by Highspring also wants all applicants to know their rights that workplace discrimination is illegal.
By submitting to this position, you agree that you will be giving Vaco by Highspring the exclusive right to present your as a candidate for the foregoing employment opportunity. You further agree that you have represented information about yourself accurately and have not affirmatively misrepresented your qualifications. You also agree to maintain as confidential, to the fullest extent permitted by law, any information you learn from Vaco by Highspring about the position and you will limit disclosure of information about the position only to the extent necessary to perform any obligations in furtherance of your application. In exchange, Vaco by Highspring agrees to exercise reasonable efforts to represent you through all solicitation, job screening and resume dispersal.
Vaco by Highspring and its parents, affiliates, and subsidiaries ("we," "our," or "Vaco by Highspring") respects your privacy and are committed to providing transparent notice of our policies.
- California residents may access Vaco by Highspring HR Notice at Collection for California Applicants and Employees here.
- Virginia residents may access our state specific policies here.
- Residents of all other states may access our policies here.
- Canadian residents may access our policies in English here and in French here.
- Residents of countries governed by GDPR may access our policies here.
Determining compensation for this role (and others) at Vaco by Highspring depends upon a wide array of factors including but not limited to:
- the individual's skill sets, experience and training;
- licensure and certification requirements;
- office location and other geographic considerations;
- other business and organizational needs.
With that said, as required by local law, Vaco by Highspring believes that the following salary range referenced above reasonably estimates the base compensation for an individual hired into this position in geographies that require salary range disclosure. The individual may also be eligible for discretionary bonuses.
