Las Vegas Sands Corp. Las Vegas , NV 89134
Posted 2 weeks ago
Job Description:
Position Overview
The primary responsibility of the Business Information Security Architect - Cyber Security is to serve as the primary point of contact between the information security function and the assigned business unit and/or Information Technologies department. The role will provide guidance during design, review vendor products (TRA), liaison for the business unit, and overseeing the transfer into production.
All duties are to be performed in accordance with departmental and Las Vegas Sands Corp.'s policies, practices, and procedures. All Las Vegas Sands Corp. Team Members are expected to conduct and carry themselves in a professional manner at all times. Team Members are required to observe the Company's standards, work requirements and rules of conduct.
Essential Duties & Responsibilities
Communication skills: To communicate with all stakeholders such as software engineers, management, business units and vendors, the individual must convey technical language to other stakeholders often in non-technical terms.
Identifying, testing and managing risk: They must identify and evaluate the risk to eliminate or mitigate risk in system or network.
Knowledge of software development process and technical skills: Business Information Security Architect must know the technical aspects of projects to identify risks, propose immediate solutions and provide guidance for the application and system solutions during design and/or established architecture diagrams.
Support development of cyber security requirements for software or applications.
Ensure that all cybersecurity requirements have been met prior to production release.
Proven experience as software architect, with a good understanding of cybersecurity functions
Actively seek ways to improve business software processes and interactions.
Perform security architecture design reviews of our products
Interact with architecture review board to identify cyber risk in design
Provide remediation guidance and recommendations during the Threat Risk Assessment lifecycle
Knowledge of web service technologies, load balancer services (i.e. Nginx, Cloudflare, F5, etc.) and RESTful APIs
Knowledge of ubiquitous encryption technologies (PGP, SSH, SSL, etc.) and common authentication protocols (OpenID Connect, OAUTH, SAML, RADIUS, LDAP, KERBEROS, etc.)
Solid understanding of secure network and system design in both cloud (AWS, Azure, etc.) and conventional environments
Experience as an Application/Product Security Engineer, Architect or Developer
Perform job duties in a safe manner.
Attend work as scheduled on a consistent and regular basis.
Perform other related duties as assigned.
Minimum Qualifications
At least 21 years of age.
Proof of authorization to work in the United States
Bachelor's degree in Computer/ Information Science preferred or equivalent work experience.
4 or more years of experience in a cyber security architect role or at least 8 years related field work experience with 4 or more years of experience in a cyber security role and at least 4 years of Engineering experience. Must have a combination of 2 of the three bullet points below;
At least 4 years of experience as an Architect
At least 4 years of experience as an Engineer
At least 4 years of experience in Penetration Testing, Cloud Security or Application Security
Demonstrated experience working with technical and non-technical Team Members
Basic knowledge of a broad range of IT Security, Controls and Service Delivery standards and frameworks for example, International Standards Organization (ISO) 27001, IT Infrastructure Library (ITIL), Control Objectives for IT (CoBIT), and Capability Maturity Model Integration (CMMI).
Professional program certification in cybersecurity such as ISC2 CISSP, ISACA CRISC or CompTIA Security+ is recommended or working towards.
Demonstrated knowledge of web applications, cyber security, and open-source technologies.
Outstanding collaboration and communication skills are essential.
Ability to execute multiple projects and tasks under tight deadlines.
Experience working with Business Units and Information Technology teams to build secure solutions
Strong familiarity with common vulnerabilities and attack vectors
Provide off-hours support on an infrequent, but as needed basis. (Potential shifts may run 24/7 due to the needs of the business).
Must be able to work varied shifts, including nights, weekends, and holidays.
Physical Requirements
Must be able to:
Lift or carry 20 pounds, unassisted, in the performance of specific tasks, as assigned.
Physically access assigned workspace areas with or without reasonable accommodation.
Work remotely as necessary.
Work indoors and be exposed to various environmental factors such as, but not limited to, CRT, noise, and dust.
Utilize laptop and standard keyboard to perform essential functions of the job.
Las Vegas Sands Corp.