Req ID: 42654
Job Family: Information Technology/Software Development
Sabre is the global leader in innovative technology that leads the travel industry. We are always looking for bright and driven people who have a penchant for technology and want to hone their skills. If you are interested in challenging work, being part of a global team, and solving complex problems through technology, business intelligence and analytics, and Agile practices - then Sabre is right for you! It is our people who develop and deliver powerful solutions that meet the current and future needs for our airline, hotel, and travel agency customers.
The Cloud Security Architect will be a direct report to the Sabre's Chief Security Architect, and will be responsible for understanding complex Technology, Engineering and Operations (TE&O) environments and Sabre business unit needs, and then helping to develop the necessary cloud security architectural solutions and strategies necessary to implement the new SabreNext strategy, including SME level expertise dealing with VMWare, Azure, AWS, Google and other similar security architectures for protecting PII/PCI data and GDPR defined information that is deployed into different types of cloud and cloud/hybrid systems. This position will directly contribute to the overall global enterprise cloud architecture and lead the security vision and strategy around cloud-based applications, across all types (including Infrastructure, Platform, and Software as a Service (IaaS/PaaS/SaaS).
The Cloud Security Architect will serve as the central point of contact for TE&O, PT and other technology teams within the organization for all matters related to cloud security. The successful candidate will possess excellent interpersonal and communication skills required to partner with other leaders across the business to identify opportunities and risks and develop and deliver solutions that support business strategies and protect Sabre's sensitive information and intellectual property globally.
Work with key areas of business and IT to develop baseline cloud, container and application security standards and features and integrate into CI/CD pipeline.
Architect, design and implement security features at key layers including infrastructure, platform, application, containers, cloud throughout a CI/CD pipeline (AWS, Azure Cloud, Docker, Kubernetes, Open Shift, Ansible, Jenkins).
Develop and maintain blueprints and procedures to effectively secure company information, infrastructure, intellectual property, and users against accidental or unauthorized modification, destruction or disclosure.
Implement and design API Security, Container Security, AWS and Azure Cloud Security.
Working with the Chief Security Architect and other members of the Risk and Security (R&S) Team, help to create and define the security strategies and roadmaps required for secure cloud architecture, identity provisioning, monitoring and vulnerability management.
Design and develop security architectures for cloud and cloud/hybrid based systems. Possess a firm understanding of the offerings within VmWare, Amazon Web Services (AWS) and the Microsoft Azure platforms. Based on business requirements, design and implement cloud-native architectures and designs that will allow those requirements to be met with a minimal degree of risk to Sabre and Sabre customers, and with appropriate security controls present.
Represents Risk and Security in development and implementation of the SabreNext overall global enterprise cloud architecture. Acts as the ambassador and senior technical representative for R&S while engaging with other senior technical leaders throughout organization in design and implementation of cloud and cloud/hybrid-based implementations and solutions.
Works with TE&O, Infrastructure Services, End User Computing, Business Unit and Application Development organizations to choose appropriate technology solutions and facilitates complete integration into the company environments. Develops standards in partnership with these areas and works with R&S Governance, Compliance and Risk team members to codify and publish these requirements. Engineering, Infrastructure Services, and Application Development.
EDUCATION: Bachelor's Degree in Computer Science, Information Technology Management, or other technical discipline, or equivalent.
7 years of experience with Security Architect and/or Engineering.
3 years of experience with Cloud platforms such as Amazon Web Services (AWS), Azure, VMware NSX.
Experience architecting solutions within Amazon Web Services (AWS), Azure, VMware NSX
Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development (Application Security), data protection, cryptography, key management, identity and access management (IAM), network security) within SaaS, IaaS, PaaS, and other cloud environments.
Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc.).
Experience with deployment orchestration, automation, and security configuration management preferred.
Experience with service-oriented architecture for cloud-based services.
Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies.
Experience with enterprise applications (architecture, development, support, and troubleshooting).
Experience performing threat modeling and design reviews to assess security implications and requirements for introduction of new technologies.
Experience representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decision recommendations.
Experience with enterprise architecture and working as part of a cross-functional team to implement solutions.
Strong interpersonal and communication skills; ability to work in a team environment.
Ability to work independently with minimal direction; must be a self-starter and be self-motivated.
Technical writing experience.
Must have two or more of the following cloud security certifications: CCSK - Certificate of Cloud Security Knowledge (CSAA), CCSP - Certified Cloud Security Professional (ISC2), Cloud+ (CompTIA), AWS Certified Solutions Architect (Amazon), Google Certified Professional Cloud Architect (Google), Professional Cloud Security Manager (EXIN), and CISCS - Certified Integrator Secure Cloud Services (EXIN).
Two or more non-cloud related security certifications preferred - CISSP, CISM, CISA, SANS GIAC, CGEIT, CRISC, GSEC, ITL, etc.
PMP and Agile certifications are a plus.
Key Knowledge and Skill Requirements
Demonstrated relevant security expertise in designing cloud security solutions for a variety of technology offerings, including:
AWS, Google, Azure and other Cloud Service Provider solutions
Strong development and application security background
CI/CD - Deployment pipeline experience (Jenkins, Ansible, Terraform)
Familiarity with REST API design
Hands on programming and scripting experience (Python, Java etc)
Devops container/orchestration tools (Kubernetes, Docker, etc)
Deep knowledge of Azure and AWS native security tools
Sabre Holdings Corporation