ZipRecruiter
Job Description We are looking for a Lead Information Security Architect who will be responsible for developing and maintaining a comprehensive information security architecture program. This role involves representing information security requirements across all technology solutions and business processes, covering multiple disciplines such as systems & networking infrastructure, DevOps, security, business applications, cloud security, and data architecture. The role oversees cybersecurity for our company's digital products, including software, firmware, or products containing code. This includes implementing a product security program to address cybersecurity throughout the product lifecycle. The role also involves identifying and mitigating technical and operational threats, analyzing the security, supportability, and feasibility of new technologies, and ensuring compliance with regulatory guidelines and industry best practices. This position requires high-level analytical problem-solving skills to diagnose and resolve complex technical issues, along with excellent process management and communication skills. Note: U.S. and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor at this time. To be Successful in this Role Develop an architectural vision to support the continued growth of the product suite Working knowledge of Data Security Best Practices: At Rest, In Flight, In Use Experience with privacy-enhancing technologies and encryption techniques Knowledge of cloud security architecture strategies, frameworks, and reference models Ability to develop effective partnerships with senior management and peers, and explain technical concepts to non-technical executives Build risk models and analyze security weaknesses in complex deployments Provide security expertise on cloud architecture, design, implementation, maintenance, governance, and risk management projects Work with governance teams to automate and establish best practices for AWS, Azure IAM policies, roles, federation, etc. Conduct automated or manual security validation of cloud templates and infrastructure Collaborate with business units to ensure solutions align with policies, standards, and security practices Establish and enforce standards and guidelines for security architecture, including infrastructure, development, and data design Partner with stakeholders to build a scalable and agile security architecture Assess current IT portfolios and design future strategies to meet business goals Recommend strategic technology use to enhance business results and incorporate into roadmaps Ensure alignment with long-term business needs, providing thought leadership Optimize architecture components for cost, flexibility, reliability, and security Balance strategic planning with urgent delivery in a fast-paced environment Manage influence and build credibility as a thought leader Build long-term relationships with internal customers and stakeholders Document architecture designs and analyze relationships between components You Will Have 8+ years of experience in information security architecture, with expertise in defense-in-depth reference architectures Relevant industry security certifications (e.g., CISSP, CISM, CISA, CCSP) Knowledge of information management, SDLC, ITSM, agile, and lean methodologies Familiarity with SaaS, IaaS, PaaS, SOA, APIs, microservices, and analytics Hands-on experience with AWS, Azure, and GCP Understanding of security solutions like IDS, IPS, SIEM, vulnerability scanning, and compliance Experience with attack mitigation, network protocols, OS hardening, web security, penetration testing, cryptography, monitoring, incident response, and security automation Proven experience in developing security plans, standards, and documentation #J-18808-Ljbffr