Security Architect

Security Architect

Vacancy expired!

An accounting software firm with a mission to make invoice management an easier process for bookkeepers and CFOs alike. An organization that prides themselves on diversity and inclusion, they have had a steadily increasing number of women entering management roles since 2019.

The organization is looking to expand its cybersecurity presence by bringing a new Security Architect on to the team. In this role you will create software and software fixes to merge internal infrastructure. Maintain the quality of the code by continual monitoring and testing.
Required Skills & Experience

• Computer Science or STEM degree
• 10+ years' experience in an engineering capacity
• AWS certification
• Exceptional English communication skills
• Involvement with full lifecycle of SaaS implementations and Infrastructure as code.
• Exceptional skills in troubleshooting
• Expertise in writing SQL and ELK queries, advanced Linux and Windows skills, diagnostic experience with monitoring applications (APM), APM configuration, basic IAM management, TCP/IP and OSI proficiency, AWS proficiency, and codify logs.
• Expertise in merging and applying PRs (Ansible and Terraform)
• Expert knowledge on architecture and infrastructure
• Involvement with offshore team collaboration
• Involvement with Microservice architecture/orchestration - Kubernetes /K8S/ECS
• Secret/credential management - HashiCorp Vault
• Cryptography/PKI - SSL, TLS certificate management
• Access Control Policy/RBAC
• SQL/ MySQL /PostgreSQL database querying experience

What You Will Be Doing

Daily Responsibilities

• Architects multi-layered product security standards, design, develop and implement those framework and guidelines.
• Ensures the program implements Fedramp compliance.
• Assess, maintain, and observe policies around PCI, SOC II, CSMS, Network and end user computing Security, GDPR, CCPA Compliance.
• Find gaps in current cloud security architecture design/configuration, suggest changes or enhancements (authentication, authorization, network segmentation, container configuration, bastion host setup, etc.). Find and repair any gaps in existing application security infrastructure to meet compliance standards.
• Earnestly surveys internal stakeholders for suggestions and adjusts activities accordingly.
• Performs other duties as assigned.
• Connecting with engineering and product teams to drive security framework and best practice
• Create internal standards and practices for data protection including encryption, tokenization, masking, anonymization, etc. based on the organization's data classification criteria and business requirements
• Create internal standards and practices to support infrastructure and operational assurance such as secure network design, remote access controls, secure practices for PAM/IAM, etc.
• Provide guidance and direction in the best-practices implementation of security technologies such as firewalls, intrusion prevention/detection, secure email gateways, endpoint protection, SIEM/UEBA, etc.
• Design conceptual and technical design artifacts in alignment with long term business and enterprise security strategies
• Interpret business, technology, and threat drivers, and create practical security roadmaps to deal with these drivers
• Architect and design security solutions that enforce security consistently across internally created, commercial-off-the-shelf and cloud-based applications
• Advises senior leadership on emerging technologies and solutions
• Act as a subject matter expert to interpret the results from vulnerability scans (dynamic testing and static code analysis) and work with developers to remedy vulnerabilities
• Observe and triage vulnerabilities reported by vendors and researchers
• Create application security policy and standards/best practices
• Review security logs on a regular basis to identify anomalous events and investigate possible breaches to the company's security
• Leading knowledge share sessions with as required
• Provide interpretation and remediation of vulnerabilities across a variety of applications and platforms
• Inform and demonstrate vulnerabilities to application developers and/or QE teams as needed; provide recommendations for mitigation issue reports on assigned application and system scans
• Observe and track progress of found vulnerabilities and maintain a historical log
• Take part in design reviews with Development teams as needed

The Offer

• Competitive Salary: Up to $180K/year, DOE

You will receive the following benefits:

• Medical Insurance & Health Savings Account (HSA)
• 401(k)
• Paid Sick Time Leave
• Pre-tax Commuter Benefit

Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.