Security Architect, Cloud (4-days in NYC office/1-day remote)

Security Architect

New York, NY (4-days in office)

$150-$170k + bonus

RESPONSIBILITIES

The Cybersecurity Architect will develop and maintain security frameworks and architectures, technical standards and guidelines across the security domains of identity, network infrastructure and endpoints. You will work in close collaboration with IT leaders from our operating companies to ensure cybersecurity controls and investments are in alignment with our business strategic goals. In this role, the Cybersecurity Architect will:

• Focus on the development of cloud security architecture controls in the form of standards and frameworks.
• Create security strategies to improve controls and architecture for critical security infrastructure including within security domains including: IAM, Compute, Storage, Networks and Applications.
• Provide subject matter expertise on system, application, database and network security.
• Security harden Azure, GCP, Platform as a Service (PaaS) infrastructure and Software as a Service (SaaS).
• Proactively adopt new cloud infrastructure and technologies.
• Research, design and promote the use of new technologies, security architectures, and products that will support security requirements, provide synergies and optimize costs for the organization as a whole.
• Develop and maintain cybersecurity controls to adequately and cost effectively protect company assets.
• Serve as a cybersecurity subject matter expert in a variety of domains
• Support the CISO and Chief Cybersecurity Architect to develop and build forward thinking, risk-based cybersecurity strategies.

REQUIREMENTS

• Deep understanding of cybersecurity architectures, technologies, solutions, and best practices across Cloud, Applications and Data Security
• A minimum of 4 years of combined IT and Security work experience, with a broad exposure to network infrastructures and multi-platform environments
• Three (3) years of experience with Identity and Access Management, with a solid grasp of concepts like authentication, authorization, multi-factor authentication, and federation.
• Three (3) years of hands-on expertise operating in an Azure and/or GCP environment, including architecture and security capabilities in the cloud.
• Knowledge of web application security, SaaS security, and application security vulnerabilities such as the OWASP Top Ten
• Direct experience defining security controls for identity and access management (IAM), Privilege Access Management (PAM), Secrets management, Identity Federation and Authentication/Authorization technologies and services such as Active Directory and Okta.
• Solid understanding of architecture-based security issues and network infrastructure security controls, how to design enterprise systems for security, and strong architectural threat modeling expertise.
• Knowledge and understanding of information risk assessment concepts and principles in relation to risk appetite, risk tolerance, and business risk exposure
• Excellent interpersonal skills with the ability to translate technical subjects to non-technical audiences.
• Proficient in technical writing and creation of policies, standards, procedures, and guidelines.
• Understanding of cybersecurity frameworks and guidelines such as those developed by NIST, CISA, CIS and CSA.
• Certified Information Systems Security Professional (CISSP) certified or equivalent.
• Be creative and intellectually curious and not afraid to immerse yourself in technical documentation.
• Be highly collaborative and consultative.
• Have a passion for all things security.