Security Architect

What are we looking for

Key Responsibilities:

• Collaborate with Information Security and IT Leadership to define the security roadmap and drive strategic initiatives.
• Design, engineer, and implement security solutions that adhere to a defense-in-depth strategy while meeting business requirements and processes.
• Periodically review existing security solutions to identify opportunities for improvement, enhancing security capabilities and adding value to the enterprise.
• Assist in designing security elements for on-premises compute, storage, and network infrastructure services.
• Contribute to the design of security elements for cloud infrastructure and platform services within Microsoft Azure.
• Work with the Information Security department to design technical security controls that enforce security policies.
• Support project managers during project planning and execution phases, creating comprehensive documentation for handover to operations teams.
• Provide regular updates on project tasks and non-project assignments.
• Support the Security Operations team in investigating major security incidents.
• Deliver Level 4 (L4) technical support for escalated major incidents and security incidents to restore production services.
• Stay current on emerging threats, security trends, and risk mitigation strategies, providing recommendations to the Security Operations team as needed.
• Create detailed Technical Design Documents and other required documentation.
• Train Security Operations team members on new security solutions relevant to their roles.
• Collaborate effectively with multi-cultural teams across different time zones.

Required Skills & Qualifications:

• Bachelor's degree in information systems or equivalent.
• Proven experience architecting and designing security solutions in on-premises enterprise environments that provide technical controls to meet security policy requirements.
• Demonstrated experience securing

  Microsoft Azure

  cloud infrastructure and platform services.
• Experience with log analytics solutions such as

  Splunk

  or

  Azure Log Analytics

  .
• Expertise in securing enterprise and globally distributed networks, including firewalls, IDS/IPS, DDoS protections, encryption tools/protocols, and privilege access management systems.
• Familiarity with vulnerability management systems such as

  Rapid7

  or

  Nessus

  .
• Knowledge of data in-transit and data-at-rest encryption solutions and key management solutions.
• Understanding of advanced endpoint protection solutions for zero-day defense against threats.
• Strong consultative and problem-solving skills at a cross-functional level.
• Ability to quickly learn, self-start, and work both independently and as part of a team.
• Excellent verbal and written communication skills.
• Current security certifications (e.g.,

  CISSP, CISM, CCSP

  ) are highly desired.