Master Security Architect

About The Position

Requirements

• Minimum 8 years of security architecture and/or engineering experience including a solid technical foundation in security and compliance.
• Advanced technical capabilities in a wide array of platforms and systems (e.g., Linux, Windows, VMWare, SQL, etc.).
• Familiarity with industry and government security standards and baselines such as the DISA STIGs, CIS benchmarks, NIST 800-53, NIST Risk Management Framework, FIPS 140-2/3, the NIST Cybersecurity Framework and NIST 800-171.
• Experience with Fedramp approval process and securing solutions deployed to public and private clouds, including AWS, Azure or GCP.
• In-depth knowledge of risk assessments, network security, cryptography, authentication, secure systems development, and authorization.
• Strong understanding of application security patterns including web application security (OWASP top 10, XSS, injection vulnerabilities, CSRF, platform security hardening), and mobile security (device fingerprinting, mobile authentication and key exchange) strategies.
• Familiarity with IAM federated identity strategies - SAML, OAuth, and OIDC protocols.
• Ability to facilitate meetings with strong presentation skills and ability to quickly discern differing points of view versus derailing points of view.
• Strong/expert level understanding of trends in the industry for information security policy, audit, compliance, and risk management.

Nice To Haves

• CISSP, CSA, Security+ certifications.

Responsibilities

• Working with Hitachi Vantara engineering teams and customers to ensure products meet US Government security requirements.
• Evaluate the posture and compliance of security offerings (i.e., product or services) based upon internal/external criteria (e.g., standards, checklist, scanning tools, etc.), and perform gap analysis.
• Hardening Hitachi Vantara product and service offerings.
• Assisting the process of achieving and maintaining ATOs for both traditional and Fedramp based solutions.
• Drafting, reviewing, and maintaining documents like System Security Plans (SSPs), Contingency Plans, and Plans of Action and Milestones (POA&Ms).
• Providing security guidance and define requirements for Hitachi Vantara’s internal systems, customer-facing services, and products.
• Identifying security design gaps in existing and proposed product and service architectures and recommend changes or enhancements.
• Collaborating with other leaders of Hitachi Vantara including sales, product security, and engineering.

Benefits

• Industry-leading benefits, support, and services that look after your holistic health and wellbeing.
• Flexible arrangements that work for you (role and location dependent).