Information Security Architect
The Information Security Architect will be responsible for developing secure architecture solutions as part of the design phase and implementation of projects, developing cost effective strategies for protecting confidential data via information security techniques, encryption technologies, access control methodology and DLP. This role will also be responsible for identifying risk, and influencing other domain architects to ensure a complete and secure product. The individual chosen for this role will need to have the ability to challenge others and provide solutions to address security vulnerabilities during all phases of initiatives and projects.
Find a career. Gain a family.
Safelite will be unlike any place you've ever worked. (This won't be just the daily grind!) You'll join caring and passionate teams that collaborate to make a difference, deliver extraordinary results and bring unexpected happiness. Every day. Your effort, heart and creative ideas will be valued and rewarded. And we care about your well-being. So, we'll strive to give you what you need to be happy at work and at home.
Develop secure architectural solutions as part of the design phase of system development and implementation projects.
Develop cost effective strategies for protecting confidential data through use of information security techniques and technologies, including but not limited to: encryption technologies; access control; DMZ architecture and network security zones; content monitoring and filtering; data leakage tools.
Assess and mitigate PCI, NIST and ISO implications of new product development.
Evaluate emerging technology and security software tools for benefit and compatibility to organization's infrastructure.
Partner with platform and engineering teams to integrate security controls into continuous integration, delivery and deployment processes.
Develop and document security centric solutions and standards for the organization based on current threat vectors, NIST and ISO frameworks.
Provide guidance and subject matter expertise on infrastructure, application & data security to engineering teams across the company.
Consult and advise project teams regarding information security risks and industry practices.
Provide Security Architecture consultation with other parts of IT and business partners, and software development processes to ensure the applications developed and systems implemented are in line with security best practices and company policies and standards and are compliant with the required frameworks (ISO, SOX, SWIFT, OWASP, NIST Cyber Security, etc.).
7-10 years of relevant experience is required.
Bachelor's degree in MIS, CIS, Computer/Engineering, or equivalent experience is required.
Eight or more years of experience working in IT, with minimum of 3 years of experience of leading application security architecture efforts that requires close collaboration with project teams and business stakeholders is required.
Security and authentication related work on web applications and protocols including but not limited to security issues like XCC, CSRF *Minimum of 3 year DLP, DRM, Data Encryption/Masking/Tokenization experience is required.
Excellent command of Cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies is required.
Applicable security certifications desired; CISSP, CEH, GIAC, GSEC, or CSSLP or advanced degree in InfoSec is required.
We're known as an auto glass company. That's the focus of what we do. But we're much more -- we're a growing and evolving service brand. And what really makes us unique is our people. Because at our core, we're a People Powered organization -- and our people come first and our culture matters. We'll help you find a fulfilling career path and encourage you to have a life. Let us be the best place you'll ever work.