Cybersecurity Solutions Architect

About The Position

Requirements

• Minimum 8 years of Information Security experience with a Bachelor’s Degree.
• Minimum 3 years experience in a Security Architecture function.
• Create and review system architecture diagrams in Lucidchart or equivalent tool.
• Experience in SaaS and Cloud architectures – Azure, AWS, M365, and exposure to SAP 4/HANA, Workday, Salesforce, and other SaaS solutions.
• Experience with Cybersecurity frameworks – NIST CSF, CSA Cloud Controls.
• Familiarity with operational tools such as JIRA, ServiceNow, OneTrust.
• Experience with contractual and regulatory standards such as GDPR, CCPA, FINRA, TISAX, SOX.
• Experience with third party security assessments and standards – SOC, ISO27001, SIG.
• Ability to communicate complex messages in a clear and concise manner with stakeholders at all levels.
• Excellent organizational skills and ability to communicate with internal/external entities and executives.
• Effective leadership skills with demonstrated ability to coordinate people and teams to project/activity completion.
• Ability to work in team environment sharing responsibilities.
• Ability to work in a flexible environment where requirements and procedures continuously evolve.

Nice To Haves

• Cloud architecture certifications preferred.
• Cybersecurity certifications CISM, CISSP or equivalent work background preferred.

Responsibilities

• Lead the solutions architecture function to ensure security is integrated early in the development lifecycle for in-house applications or SaaS based solutions, infrastructure projects and technology processes.
• Partner with business and technology teams to identify and document workflows, system architecture, data flows and develop appropriate security considerations.
• Leverage Threat Modeling techniques to identify security threats, vulnerabilities, and attack vectors across the solution (infrastructure, application, data).
• Ensure the security considerations identified are implemented and the solutions are configured securely.
• Develop secure patterns for foundational technology solutions based on CAA security standards and continually educate technology stakeholders on the adoption of patterns.
• Key focus on security integrations includes secure access and authorizations, audit logging, secrets management, data protection, data security and other functional third-party integrations.
• Support the SaaS/Third Party security assessments and collaborate with service owners, business leads and vendors to develop a managed solution aligned with CAA security policies.
• Identify risks and provide mitigating controls or risk treatment options for a given solution.
• Develop training for technology team members to increase awareness on security practices for onboarding new technology solutions.