Join our Talent Network
Skip to main content

Principal Cloud Security Architect

Location: Addison, TX, United States
Date Posted: Sep 13, 2021

Job Description

Description

Principal Cloud Security Architect  

 

Securonix provides the Next Generation Security and Information Event Management (SIEM) solution. As a recognized leader in the SIEM industry, Securonix helps some of largest organizations globally to detect sophisticated cyberattacks and rapidly respond to these attacks within minutes. With the Securonix SNYPR platform, organizations can collect billions of events each day and analyze them in near real time to detect advanced persistent threats (APTs), insider threats, privilege account misuses and online fraud. Securonix pioneered the User and Entity Behavior Analytics (UEBA) market and holds patents in the use of behavioral algorithms to detect malicious activities. The Securonix SNYPR platform is built on big data Hadoop technologies and is infinitely scalable. Our platform is used by some of the largest organizations in the financial, healthcare, pharmaceutical, manufacturing, and federal sectors.

 

Summary:

 

 

Securonix is looking for a Cloud Security Architect to join our Cloud Engineering team to lead the design & development of the Cloud security architectures, policies, procedures, methods and tools in the Securonix SaaS environments. The Cloud Security Architect will work with Engineering and Product teams to continuously improve the security posture of the services.  Based on cloud architecting best practices, this individual will be expected to provide leadership and hands-on experience to teams in design, development, and maintenance of security for our SaaS service.  The ideal candidate is familiar with information security industry best practices, modern automation tools and Cloud environment. We are looking for someone with a security mindset who "thinks like an attacker".

 

 

 

 

Responsibilities:

  • Perform risk assessment of proposed and existing system architecture for compliance with security best practices, recommending technical, administrative and physical controls to mitigate identified risks

  • Develop service security and compliance requirements for SaaS multi-tenant systems

  • Design and develop cloud security architectures and perform architecture design reviews

  • Develops standards in partnership with Engineering, Infrastructure Services, and Application Development.

  • Leading compliance efforts based on selected industry frameworks and compliance standards

  • Implement, maintain and improve existing industry best practices of operational security controls such as:

    • Monitoring

    • Identity and access management

    • Encryption and data security

    • Self-auditing

  • Provide guidance to R&D and Product Management on defining and prioritizing development of secure SaaS offerings

  • Prepare and deliver training and security awareness activities to the Engineering teams

  • Acquire relevant knowledge, remain up to date, attend security conferences and be involved with the security community

  • Drive and lead security processes, tools, methods, and knowledge and security enhancements

  • Continually evaluate new threats in the cloud, to identify the impact on IT and Business to develop and implement security controls

  • Provide recommendations for improvement and risk reduction by assessing the cloud security posture; and act as a change agent to oversee the vulnerability improvements.

  • Possess a firm understanding of the offerings within Amazon Web Services (AWS), GPC and the Microsoft Azure platforms. 

 

 

Basic Qualifications:

 

  • 10 years experience with Security Architect and/or Engineering, including 5+ years of experience with software security (security researcher, security engineer, security architect).

  • 5 years’ experience with Cloud platforms such as Amazon Web Services (AWS), Azure, or GCP

  • Bachelor’s Degree in Computer Science or related field, or additional 5+ years of experience

  • Experience in:

    • Infrastructure security, security SDLC and secure SaaS practices

    • Risk assessment and management, and threat modeling

    • Security reviews for code/design/architecture and requirements

    • Security compliance and frameworks such as SOC2, FedRAMP or CSA CCM

    • Hardening procedures

    • Network administration and security

    • Identity management and authentication systems and protocols (Active Directory, LDAP, SAML)

  • Strong hands-on experience in:

    • Linux/Unix and Windows OS

    • Network architecture and security configurations

  • Ability to identify and drive remediation of public and hybrid cloud risks

  • Experience in designing, implementing, and delivering security for cloud native, distributed computing and architectural solutions 

  • Expertise in performing Threat Modeling, generating security architectural requirements to software development and product teams

  • Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, SAML, etc).

  • Experience with deployment orchestration, automation, and security configuration management (Jenkins, Puppet, Chef, etc) preferred.

  • Experience performing threat modeling and design reviews to assess security implications and requirements for introduction of new technologies.

  • Experience representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions.

  • Experience with enterprise architecture and working as part of a cross-functional team to implement solutions.

  • Ability to work independently with minimal direction; self-starter/self-motivated

  • Experience doing code review for configuration management tools and scripting languages

  • Excellent communication skills

  • Strong hands-on technical abilities

  • Strong computer literacy and/or the comfort, ability and desire to advance technically

  • Demonstrated ability to assume sole and independent responsibilities

  • Ability to keep track of numerous detail-intensive, interdependent tasks and ensure their accurate completion

.

 

Preferred Qualifications:

 

  • Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work

  • Intuitive individual with an ability to manage change and proven time management

  • Hand-on experience with AWS security best practices and AWS services

  • Security standards and practices (CSA, OWASP, SANS, etc.)

  • Security of relational databases (MySQL, MS SQL Server, Oracle)

  • Security management certificates (CISSP, CSSLP, CISM, etc.)

  • Has presented at security conferences (BlackHat, OWASP, etc.)

  • One or more below technical security certifications:

    • CCSP – Certified Cloud Security Professional

    • CISSP – Certified Information Systems Security Professional

    • CSSLP – Certified Secure Software Lifecycle Professional

    • CISM – Certified Information Security Manager

    • CSEC – SANS CIAC Security Essentials

    • CSP Security Certifications – AWS, Azure & GCP

  • Experience with FedRAMP, Govcloud certification

  • Up-to-date technical knowledge by attending educational workshops, reviewing publications

Securonix, Inc. provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, genetic information, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state and local laws. Securonix complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

 

Securonix expressly prohibits any form of unlawful employee harassment based on race, color, religion, gender, sexual orientation, national origin, age, genetic information, disability or veteran status. Improper interference with the ability of Securonix employees to perform their expected job duties is absolutely not tolerated.

Save Job Saved
Share: mail

Similar Jobs