RECOGNIZED LEADER: Rated #1 Prepaid Wireless Provider in the U.S.
TECHNOLOGY DRIVEN: Opportunity to work with state-of-the-art technology
TEAMWORK: A supportive team environment that thrives on innovation.
CULTURE: An entrepreneurial focus, where ownership and ingenuity are expected.
BENEFITS: Medical, Dental & Vision coverage, 401k, Educational Assistance, Life Insurance, Short-and Long-Term Disability, Employee Assistance Program, Vacation, Paid Time Off, Health & Wellness Resources and Employee Discounts.
WHAT YOU WILL DO:
As the Security Architect, you would work alongside the Chief Information Security Officer to define, establish, and implement a strategic enterprise security vision that aligns to the transformation journey of the business.
The SECURITY ARCHITECT has a solid background in Enterprise policy and security, with the ability to strategically translate on-premises security requirements to an elastic cloud environment, demonstrating a strong understanding of the integrations required. The ideal candidate will have significant experience collaborating and providing guidance to Executives/CISO/Enterprise Architects on decisions relating to Enterprise/ Cloud solutions that adhere to best security practices while promoting operational excellence and performance efficiency. The Security Architect will ensure proper documentation is in place at every level as well as contribute to high-level, strategic technical documentation and recommendations. Additional tasks could include the development and presentation of clear artifacts depicting gaps and corresponding security solutions to Enterprise executives. This position will also entail mentoring other teams and providing SME-level guidance, clearly communicating technical requirements to the implementation teams and supporting the effort to secure Tracfone's resources across the on-premises and AWS cloud environment among all Tracfone personnel.
The Security Architect will review and undergo gap analysis of the existing security architecture and make recommendations on improvements. The Security Architect will lead the Information Security strategy, a part of a wider transformation.
RESPONSIBILITIES:
- Determine the strength of the foundations for security within the organization and ensure that the vision, strategies, processes, people, and technologies are aligned and organized effectively, to optimize Cyber Security in support of the business goals (IAM, GRC, Cyber Security Operations (CyberSec Tools – Endpoint Security, Vulnerability Scans, Pen Test Management, Security Architecture (SAFe), Business Continuity, DR (Disaster Recovery), SecMan (Subset Change Management), Config Management, and DEVSECOPS Design and implementation.
- Design and build security into organizations from 'top to bottom' and from 'bottom to top', in a clearly defined security by design vision implementing DEVSECOPS (CyberSec/ InfoSec Champions and Teams to build a security aware and proactive culture.
- Determine the strength and appropriateness of technical designs in mitigating relevant Cyber threats
- Plans, manages, and organizes the delivery of Security Architecture
- Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
- Works in the large-scale transformation program, building the capability to assess and design Cyber Security
- Leads architecture discussions and security assessments related to software services in a cloud environment
- Advocate and architect new security requirements and solutions for next generation cloud capabilities and services
- Represents technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions
- Collaborate with other architects, engineers, developers, and compliance analysts to harden on-prem and cloud infrastructures and applications
- Assessing internal and external systems, providing controls, and validating that the controls have been met and are maintained
- Implements security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing documentation.
- Participates with Enterprise executives to establish strategic plans and objectives, and regularly contributes to technical recommendations.
- Communicates clearly with all constituents and serves as a mentor and SME.
- Collaborates across multiple teams to strategically translate on-premises security requirements to an elastic Cloud environment.
- Collaborates across multiple teams to achieve secure and efficient Cloud/ on-premises integrations and aligns activities to achieve the future state capabilities.
- Provides guidance on Enterprise Cloud solutions that adhere to best security practices while promoting operational excellence and performance efficiency.
- Provides high-quality documentation of processes and guidelines, developing artifacts that depict the security gaps and corresponding recommendations for security solutions.
- Analyzes detailed design components as well as high-level architectural blueprints, contributing to decisions on application Cloud readiness based on Tracfone policy guidelines.
- Defines, communicates and drives security controls matrix design and implementation, and monitors compliance to Enterprise-level security standards.
- Designs, analyzes, and implements testing plans to ensure security guardrails cannot be compromised.
- Ensures automated security validation and event-driven automation.
- Represents Cloud security support in significant projects and performs the most complex operations and administration tasks.
- Leads Level 3 and 4 incident recoveries and root cause analysis.
- Proposes opportunities to improve results based on targeted or continuous assessment.
- Leads development of an information security risk management program that includes business, regulatory, industry practices and technical environment considerations.
- Responsible for the selection and delivery of strategic network security, access control and secure transaction/messaging solutions.
- Establishes strategic vendor relationships for security products and services; develops enterprise-wide security incident response plans and strategies that includes Integration with business, compliance, privacy, and legal constituents and requirements.
Required Skills
Required Experience
Bachelor’s Degree required.
Preferred Cyber Security related qualification(s) such as:
- Cloud Security–related certifications (AWS/Azure Professional or Advanced certifications preferred)
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Registered Technical Security Architect (CREST)
- Amazon Web Services (AWS) Solutions Architect
- Amazon Web Services (AWS) Security Specialty
- Certified Ethical Hacker (CEH)
- Global Information Assurance Certification (GIAC)
- 8-10+ years of experience in Information Security-focused efforts, with demonstrated ability to distill complex security problems and drive toward creative solutions while complying with Enterprise policies.
- Experience participating with Enterprise executives to establish strategic plans and objectives.
- Experience in translating on-premises security requirements to an elastic Cloud environment.
- Experience in designing, analyzing, and implementing testing plans to ensure security guardrails cannot be compromised.
- Clear understanding of overall systems architecture and how to leverage specific components.
- Experience in hands-on roles, with a focus on operational and security-focused tasks.
- Experience with enterprise architecture and working as part of a cross-functional team to design and implement secure solutions
- Understanding of Cloud infrastructure environments and the challenges associated with Enterprise integration, with demonstrated ability to grasp and contribute to big-picture strategy.
- Advanced knowledge of information security risk assessment design and delivery.
- Experience utilizing and assessing organizations security and control standards and frameworks such as ISF, ISO2700x and NIST800-53.
- Understanding of IT systems security concepts, trends and practices.
- Strong project and program management experience partnering cross-functionally to facilitate the development and management of information security culture in high-growth fast pace enterprises.
- Strong interpersonal and communication skills; ability to work in a team environment. Ability to communicate technical information effectively in a written documentation.
- Experience with analyzing and securing Big Data/ Data Lake/ Data Stores prior to Cloud migration (Encryption (DIT, DAR, DIU), HSM, Key Management.
- Demonstrated ability to work independently with little or no supervision.