Cloud Security Architect

Sabre Holdings Corporation Southlake , TX 76092

Posted 3 months ago

Req ID: 42654

Job Family: Information Technology/Software Development

Sabre is the global leader in innovative technology that leads the travel industry. We are always looking for bright and driven people who have a penchant for technology and want to hone their skills. If you are interested in challenging work, being part of a global team, and solving complex problems through technology, business intelligence and analytics, and Agile practices - then Sabre is right for you! It is our people who develop and deliver powerful solutions that meet the current and future needs for our airline, hotel, and travel agency customers.

Job Description

The Cloud Security Architect will be a direct report to the Sabre's Chief Security Architect, and will be responsible for understanding complex Technology, Engineering and Operations (TE&O) environments and Sabre business unit needs, and then helping to develop the necessary cloud security architectural solutions and strategies necessary to implement the new SabreNext strategy, including SME level expertise dealing with VMWare, Azure, AWS, Google and other similar security architectures for protecting PII/PCI data and GDPR defined information that is deployed into different types of cloud and cloud/hybrid systems. This position will directly contribute to the overall global enterprise cloud architecture and lead the security vision and strategy around cloud-based applications, across all types (including Infrastructure, Platform, and Software as a Service (IaaS/PaaS/SaaS).

The Cloud Security Architect will serve as the central point of contact for TE&O, PT and other technology teams within the organization for all matters related to cloud security. The successful candidate will possess excellent interpersonal and communication skills required to partner with other leaders across the business to identify opportunities and risks and develop and deliver solutions that support business strategies and protect Sabre's sensitive information and intellectual property globally.

Key Responsibilities

  • Work with key areas of business and IT to develop baseline cloud, container and application security standards and features and integrate into CI/CD pipeline.

  • Architect, design and implement security features at key layers including infrastructure, platform, application, containers, cloud throughout a CI/CD pipeline (AWS, Azure Cloud, Docker, Kubernetes, Open Shift, Ansible, Jenkins).

  • Develop and maintain blueprints and procedures to effectively secure company information, infrastructure, intellectual property, and users against accidental or unauthorized modification, destruction or disclosure.

  • Implement and design API Security, Container Security, AWS and Azure Cloud Security.

  • Working with the Chief Security Architect and other members of the Risk and Security (R&S) Team, help to create and define the security strategies and roadmaps required for secure cloud architecture, identity provisioning, monitoring and vulnerability management.

  • Design and develop security architectures for cloud and cloud/hybrid based systems. Possess a firm understanding of the offerings within VmWare, Amazon Web Services (AWS) and the Microsoft Azure platforms. Based on business requirements, design and implement cloud-native architectures and designs that will allow those requirements to be met with a minimal degree of risk to Sabre and Sabre customers, and with appropriate security controls present.

  • Represents Risk and Security in development and implementation of the SabreNext overall global enterprise cloud architecture. Acts as the ambassador and senior technical representative for R&S while engaging with other senior technical leaders throughout organization in design and implementation of cloud and cloud/hybrid-based implementations and solutions.

  • Works with TE&O, Infrastructure Services, End User Computing, Business Unit and Application Development organizations to choose appropriate technology solutions and facilitates complete integration into the company environments. Develops standards in partnership with these areas and works with R&S Governance, Compliance and Risk team members to codify and publish these requirements. Engineering, Infrastructure Services, and Application Development.

Job Requirements

EDUCATION: Bachelor's Degree in Computer Science, Information Technology Management, or other technical discipline, or equivalent.

EXPERIENCE:

  • 7 years of experience with Security Architect and/or Engineering.

  • 3 years of experience with Cloud platforms such as Amazon Web Services (AWS), Azure, VMware NSX.

  • Experience architecting solutions within Amazon Web Services (AWS), Azure, VMware NSX

  • Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development (Application Security), data protection, cryptography, key management, identity and access management (IAM), network security) within SaaS, IaaS, PaaS, and other cloud environments.

  • Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc.).

  • Experience with deployment orchestration, automation, and security configuration management preferred.

  • Experience with service-oriented architecture for cloud-based services.

  • Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies.

  • Experience with enterprise applications (architecture, development, support, and troubleshooting).

  • Experience performing threat modeling and design reviews to assess security implications and requirements for introduction of new technologies.

  • Experience representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decision recommendations.

  • Experience with enterprise architecture and working as part of a cross-functional team to implement solutions.

  • Strong interpersonal and communication skills; ability to work in a team environment.

  • Ability to work independently with minimal direction; must be a self-starter and be self-motivated.

  • Technical writing experience.

  • Must have two or more of the following cloud security certifications: CCSK - Certificate of Cloud Security Knowledge (CSAA), CCSP - Certified Cloud Security Professional (ISC2), Cloud+ (CompTIA), AWS Certified Solutions Architect (Amazon), Google Certified Professional Cloud Architect (Google), Professional Cloud Security Manager (EXIN), and CISCS - Certified Integrator Secure Cloud Services (EXIN).

  • Two or more non-cloud related security certifications preferred - CISSP, CISM, CISA, SANS GIAC, CGEIT, CRISC, GSEC, ITL, etc.

  • PMP and Agile certifications are a plus.

Key Knowledge and Skill Requirements

  • Demonstrated relevant security expertise in designing cloud security solutions for a variety of technology offerings, including:

  • AWS, Google, Azure and other Cloud Service Provider solutions

  • Strong development and application security background

  • CI/CD - Deployment pipeline experience (Jenkins, Ansible, Terraform)

  • Familiarity with REST API design

  • Hands on programming and scripting experience (Python, Java etc)

  • Devops container/orchestration tools (Kubernetes, Docker, etc)

  • Deep knowledge of Azure and AWS native security tools

  • LI-LT1

See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Cloud Security Remediation Engineer

Verizon Communications

Posted 1 month ago

VIEW JOBS 11/18/2018 12:00:00 AM 2019-02-16T00:00 What you'll be doing... As our Cloud Security Remediation Developer, you will be responsible for closely monitoring security advancements in the OpenStack development community and ensuring that any enhancements to cloud security, industry recognized security frameworks and security best practices are applied to our deployments as applicable. You will also be responsible for creating auditing and reporting mechanisms that will fit into the existing VCP monitoring and alarming regimens so that the team can track remediation efforts and compliance over time, and take corrective action when systems fall out of compliance Verizon is looking for out-of-the-box thinkers to help us build and manage the Verizon Cloud Platform (VCP). People who are hard-working and really want to help transform the way we do operations. What we do really matters to the business. This is a great opportunity for you to bring your technical leadership, skills and experience to life as part of a small team within a large organization. We operate with a lean startup mentality with the support of a large directional division. You will have the experience and expertise of the best network team in the world behind you as you help the team transform infrastructure, workload, and product through content delivery, mobility, and Verizon's enabling of the Internet of Things. Verizon Cloud Platform & Infrastructure Security: * OS, Stack, and node level firewall management/hardening, threat identification/remediation, configuration management, file system and data integrity monitoring, penetration testing, and regulatory compliance Platform Auditing and Compliance: * Through the use of several industry accepted security frameworks, routinely audit the VCP infrastructure, measuring compliance with these standards and develop code to remediate any findings that fall outside of acceptable boundaries Reporting and Automation: * Development of tooling and processes to ensure that security remediation solutions are deployed uniformly across all VCP locations around the globe and track audit results and compliance down to the node level. Cloud Application Security: * Identification of tenant validation requirements, discovery/verification of critical vulnerabilities for tenants, creation and management of tenant vulnerability reports and KPIs, regulatory compliance Legal & Compliance: * Ensure supplier provided software and services meet requirements for Verizon regulatory environment What we're looking for... You'll need to have: * Bachelor's degree or four or more years of work experience. * Six or more years of relevant work experience. Even better if you have: * A degree. * Demonstrated strong communication skills (written, verbal, presentation). * Experience with Linux systems administration (preferably in Virtualized environment). * Strong security background with a focus in OS level system hardening techniques and compliance with industry approved frameworks (NIST, STIG, CIS, PCI-DSS, FISMA). * Experience working with common pen test tools such as Nmap, Nessus, OpenVAS, Wireshark, Metasploit, etc. * Strong scripting skills (e.g. Python, Bash/Shell, Ruby, Perl, other). * Experience working with APIs (preferably including OpenStack APIs). * Experience working modern configuration management tools (Puppet, Ansible, Chef). * Experience working with KVM, libvirt, VMWare, or other virtualization technology. * Knowledge of IP networking, VPN's, DNS, load balancing, firewalls, SSL termination devices. * Experience working with solutions at scale. * Ability to enhance team learning environment by providing and encouraging mentorship and technical leadership. * Experience building and troubleshooting OpenStack. * Experience with Openstack Deployment technologies (tripleo, MAAS). * Experience with Continuous Integration / Continuous Deployment (CI/CD). * Knowledge of GitHub and managing and maintaining repositories for collaborative work efforts. * CISSP, CEH or other similar security certifications. * Firm understanding of the concepts behind Software Defined Networking (SDN) and Network Function Virtualization (NFV). * Contributions to open-source projects. When you join Verizon... You'll be doing work that matters alongside other talented people, transforming the way people, businesses and things connect with each other. Beyond powering America's fastest and most reliable network, we're leading the way in broadband, cloud and security solutions, Internet of Things and innovating in areas such as, video entertainment. Of course, we will offer you great pay and benefits, but we're about more than that. Verizon is a place where you can craft your own path to greatness. Whether you think in code, words, pictures or numbers, find your future at Verizon. Equal Employment Opportunity We're proud to be an equal opportunity employer- and celebrate our employees' differences,including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, and Veteran status. Different makes us better. Verizon Communications Southlake TX

Cloud Security Architect

Sabre Holdings Corporation