Cloud / Application Security Architect: Provides technical and business governance to the cloud and application development with the corporation. Accountable for security architecture framework, adherence to industry standards and best practices. Maintains the project roadmap for security efforts in the cloud and application space. Works with application and infrastructure teams to insure policies and standards are enforced across the environment.
Strong oral and written communication skills; including presentation skills.
Strong project management skills.
Strong understanding of documentation procedures for systems, changes and desk level procedures.
As a subject matter expert, act as a leader with Security Engineering team members to support ongoing and long-term initiatives and projects.
Solid operational knowledge of common security technologies (e.g. ACL's - basic, extended/reflexive, Firewall, IDS/IDP, VPN, etc.); and advanced support and complex change configuration ability in at least one security technologies; competent at intermediate change configurations in more than one security technologies.
Operational experience with multiple other security technologies that can affect change management, security management, audit and control, encryptions, etc.
Administrative experience in multiple versions of operating systems such as Windows, Solaris, BSD, Linex, SCO, HPUX, etc.
Solid scripting ability in Shell, PERL, Python, or other similar use language.
Demonstrated technical writing skills required for documentation, troubleshooting guides, acceptance procedures, upgrade procedures, and process.
Ability to follow documented daily procedures and policies; monitoring tools and response guidelines, escalation and notification processes; and Trouble/Ticket management processes and guidelines. Responsibility and Interaction: Responsibility.
The tasks this individual is responsible for are often unstructured, have wide implications and there are multiple outcomes.
This individual will apply broad expertise or unique technical/industry knowledge in solving.
Experience developing enterprise class cloud security architectures
Working knowledge of cloud security industry best practices
2+ years working with one or more cloud service models (Infrastructure as a Service, Platform as a Service, and Software as a Service) and deployment models (public, private, hybrid)
2+ years direct experience designing and implementing security solutions for one or more leading cloud providers (AWS, Azure, Google Cloud Platform)
Working knowledge of DevOps Security concepts for Continuous Integration/Continuous Delivery environments
Working knowledge of risk assessments, configuration management, change control, and security baselines and frameworks (NIST CSF, CIS)
Vulnerability management experience with Common Vulnerability Scoring System (CVSS), Common Vulnerabilities and Exposures (CVE), and Open Web Application Secure Project (OWASP)
Practical experience with Static Application Security Test (SAST), Dynamic Application Security Test (DAST), threat modeling, and Secure Development Lifecycle preferred
Desired: a minimum of 12 years of related experience with a Bachelor's degree; or 8 years and a Master's degree; or a PhD with 5 years' experience; or equivalent experience. Certifications such as CISSP, CCSP, or CISM are a plus
Job Segment: Architecture, Cloud, Engineer, Technical Writer, Application Developer, Engineering, Technology