Sr. Security Architect
Job Summary:
The Security Architect works within a multi-disciplinary team of engineers and architects to design, build and maintain integrated security solutions and patterns for the enterprise. Success for this role is centered upon establishing and maintaining solid relationships and buy-in for risk-mitigation initiatives that serve as enablers of business transformation.
The Role will:
- Gather and analyze requirements from business and technical stakeholders to produce business and functional requirements and use cases/user stories for security solutions
- Design, develop, and document enterprise security solutions to meet requirements
- Develop and deploy prototype solutions, perform gap analyses and work with engineering team to fully operationalize the designs.
- Evaluate new and emerging security technologies for potential suitability in the company's environment
- Evaluate existing security tools, identify and prototype automation and new tooling to improve efficiency of security engineering capabilities
- Act as security subject matter expert utilizing current information security technology disciplines and industry standards to ensure confidentiality, integrity, and availability of information assets
- Evaluate enterprise-wide IT solutions and solution designs for the presence of effective security controls and regulatory compliance, using systematic assessment and threat modelling approaches. Partner with the solution owners, technology experts and vendors to ensure any missing security controls are designed and added, mitigated or risk managed.
- Develop reference security architectures and frameworks (including requirements, design patterns, and other artifacts) for use throughout the company
- Contribute to the development of security policies, security standards, and risk governance processes
- Develop and foster relationships with technical teams and business partners in order to create an integrated approach that provides data integrity, information confidentiality, and service availability.
- Support business operations and critical information asset investments to ensure the security portfolio remains strategic and fully aligned to execute the priorities of the organization and deliver expected business results
Knowledge / Skills / Abilities:
- Demonstrated knowledge of Enterprise IT including network security, mobile security, cloud security, and infrastructure security, including Windows, Unix/Linux.
- Experience with designing implementations of common security tools such as Firewalls, Identity Management, PIM/PAM, Remote Access, DLP, EDR, Vulnerability Detection, SEIM, Security Gateways and Proxy Technologies.
- Demonstrated multiple year experience in one or more of the following:
- Data Protection
- Identity and Access Management
- Cloud Security
- DevSecOps
- Knowledge of application security including API security, solutions focusing on authentication, audit and logging, request/response validation.
- Knowledge of industry IAM standards like OAuth, OpenID Connect, SAML, SCIM, FIDO and other emerging trends.
- Demonstrated ability to assess complex and heterogeneous solutions and achieve “Secure by Design" through partnership with business stakeholders, solution designers, other subject matter experts, vendors, and governance, risk and compliance teams.
- Experience of applying Industry Security Frameworks such as NIST CSF/800-53/800-82, ISO 27001, OSA, OWASP, CIS, CSA, PCI
- Preferred experience with the transformation of traditional data center security measures into industry adopted cloud technologies including Amazon, Azure, Google, etc.
- Experience with multiple architecture styles including SOA, API-first and micro-services architectures.
- Experience in architecting and building large scale systems using scale-out architecture that require high availability, performance, high scalability and multi-tenancy.
Required Qualifications:
- One or more Security certifications (i.e. CISSP, CCSP, CISM, GSEC, SANS GIAG, ISSAP) or equivalent education. Additional cloud provider certification is a plus
- 7+ years’ work experience in in Security Engineering, Identity and Access Lifecycle Management, Data Protection, or Cloud Security in a medium or large corporate environment; or a Master’s degree in Information Security with 4 years’ work experience in Security Engineering, Identity and Access Lifecycle Management, Data Protection, or Cloud Security
- Demonstrated ability to develop solution designs to support enterprise-level environments
- Experience in developing enterprise security solutions in a large, complex environment
- Demonstrated strong analytical and problem-solving skills
- Demonstrated ability to work within globally dispersed and cross-functional teams
- Broad knowledge of information technology and security controls in various application and infrastructure platforms including network (physical, virtual, internal, cloud), system platforms, storage, directory services, and end user computing
Pay range is commensurate with education, experience, specialized skills or certifications, etc.
Gas South Pay Range
$130,695 - $146,071 USD
Our Purpose and Culture
At Gas South, we approach each day knowing we have an opportunity to make a difference in people’s lives. That means helping our customers save money with everyday low rates and treating them with dignity, honesty and respect. It means supporting our employees in their personal and professional lives, and it means we want to make sure our success directly benefits the communities we serve by giving back 5% of profits to support children in need. Through partnerships with non-profits like United Way, Salvation Army, Junior Achievement, Bert’s Big Adventure and many others, we’re proud to help make a difference. At Gas South our employees bring their boldest ideas and most authentic selves to work, no matter their title, position or background. We understand that our people are our most valuable assets. So, we treat them that way, with competitive benefits, flexible schedule options, and a fun, casual atmosphere.
Gas South affirms that it is an Equal Opportunity Employer whose actions and practices are consistent with fair employment. In this regard, Gas South will not discriminate against any employee or applicant with regard to race, color, religion, sex, age, national origin, disability, pregnancy, childbirth or related medical conditions, genetic information, veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment including recruiting, hiring, placement, training, promotion, lay-offs, transfers, leave of absence, compensation and termination.
Gas South is committed to fostering a diverse workforce and is an affirmative action employer.
Benefits for full-time employees include:
- Full medical, dental, and vision coverage
- Employer-paid life and disability coverage
- Annual employer contributions of up to 12.5% to your 401k
- Remote work options available based on business needs
- Annual performance incentive is a % of annual benchmark based on position level
- Paid four-week sabbatical every five years
- Opportunities to volunteer in the community
- Education assistance up to $5250 per year
Apply for this job
*
indicates a required field