Cybersecurity Solutions Architect

Role & responsibilities

JOB SUMMARY

The Cyber Security Solution Architect will be responsible for transforming the way Syneos Health protects applications, software and code that it uses to support the company to accelerate patient therapies to market and thereby increase cyber threat resiliency.

This role will be a member of the Office of the CISO and a member of enterprise security architects.  As a key subject matter expert and leader within the team, this role will use a data and risk-based approach to driving enterprise initiatives, formulating requirements, patterns, and solutions to achieve risk mitigation.  To be successful, this role will act as a technical influencer, build cross-functional and organizational partnerships to deliver modern security engineering and operational solutions.

As an architect you will partner with the software engineering organization to design software security solutions, participate in proof of concepts and enable the engineering organization to deliver secure, operational solutions.  The role will own the software security program and initiatives and be responsible for reporting on progress to leadership and stakeholders. 

The scope of responsibility includes but not limited to supporting the transformation of security engineering into the early phases of enterprise delivery through defined Secure SDLC, Source code management, application security, and the transformation of DevSecOps across the enterprise.
The role will bring an everything-as-code security mindset to be applied across applications, APIs and platform engineering. 

To be successful, the role will need to define and identify technical and business risks along with enterprise requirements that can be consumed by a shared-responsibility model for engineering and operational controls.  Be a transformation agent by advocating for modern secure engineering principles and automation.   

Excellent oral and written communication skills, as well as effective organizational abilities, are essential due to the detailed and time-bound nature of the work and the extensive collaboration with others.

JOB RESPONSIBILITIES

•     Partner with software and platform engineering teams to: 
  o    Promote DevSecOps solutions and cultureo    Establish secure code management practiceso    Improve automated CI/CD pipelines with appropriate security serviceso    Automate enterprise security requirements into backlogso    Champion cloud application and platform security engineering practices.o    Delivery enterprise security patterns for software engineeringo    Participate in Proof of Concepts with the software engineering organization .
•     Educate and drive engagement of modern secure software principles within the organization by:  
  o    Being a strategic advisor in software security.o    Being a transformation agent in promoting a modern security engineering mindset. o    Performing design reviews to identify security architecture flaws.

QUALIFICATION REQUIREMENTS

What we are looking for:

• 57 years of experience in software security or related roles.
• Proven track record building and transforming secure software and platform engineering practices
• Building road maps and creating initiatives to address enterprise goals.
• Experience partnering with engineering teams to achieve security goals.
• Strong familiarity with source code management    
• Strong familiarity software exploitation techniques and Mitre @ttack framework.
• Strong knowledge of cloud platform security (AWS, Azure, Oracle Infrastructure Cloud)
• Someone with strong engineering mindset that software engineering experience
• Experience implementing pipeline automation and source code management

Additional standout skills:

• Hands-on experience with modern engineering technologies such as Kubernetes and Containers
• Experience with securing Terraform or other IaC platforms 
• Delivered secure coding practices to large engineering teams
• Familiar with API Security
• Enabling DevSecOps within large organizations

Education.

• Security Architecture TOGAF/SABSA
• Cloud security certifications for OCI, AWS or Azure (Azure preferred)