Security Architect - KC
The Security Architect will be responsible for analyzing and designing security solutions for applications and infrastructure and providing that expertise and consulting to clients. This is a crucial position to our clients’ organization as you will help to identify and mitigate security risks to ensure that we are providing exceptional service to our clients and customers. If you are passionate about creating real solutions that provide businesses with cutting-edge technology, want to be challenged to think creatively, and be in a position where you can impact the company on a daily basis, then this is the place for you with a dynamic corporate environment built on teamwork and personal responsibility.
- Analyze and design security solutions for applications and infrastructure, and provide expertise and consulting to clients.
- Identify and document information security risks and propose mitigating controls
- Will be responsible for understanding complex business IT needs, requirements, and projects scopes, with a focus on information security requirements.
- Research, design, and develop new information security controls for clients
- Assess current IT environments and make recommendations to increase security
- Assist clients in troubleshooting and resolving information security issues
- Author project and support documentation and diagrams
- Implement security solutions.
- Other duties as assigned
- Assessed, developed and implemented, operationalized and documented comprehensive security technologies and processes.
- Secure software development, data protection, cryptography, key management, identity and access management (IAM), network security (VPNs) within SaaS, IaaS, PaaS, and other cloud environments.
- Architected solutions within Microsoft Azure, Windows Azure Pack, Amazon Web Services (AWS) and other cloud providers and SOA for cloud-based services.
- Worked with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies.
- Performed security design/architecture reviews, code reviews, and penetration tests of large applications, systems and/or networks.
- Worked on large scale cloud based services (including SaaS, PaaS, IaaS) and understand security challenges involve in deploying Cloud Applications.
- Created and maintained security policies and procedures, managing the protection of information systems and assets.
- Performed threat modeling and design reviews assessing security implications and requirements introducing new technologies.
- Hand-on experience with multiple security technologies such as Firewalls, Intrusion Detection/Prevention Systems, Vulnerability Scanning, WAF, Wireless LAN, NAC, DLP, DDoS Mitigation, WAN security, SIEM, Content Filtering, Cloud Security gateways, Secure Proxies, SSL crypto solutions.
- Solid understanding of a range of compliance, regulatory and legal requirements and relevant principles, best practices and standards across multiple industries. Preferred industries: financial services, telecommunications. Examples would include: PCI, SOX, GLBA, CSA, PCI, NIST, ISO, IEEE, FedRAMP, HIPAA and TCG.
- Have working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, SAML, Ping, Okta, etc) and key management (Safenet, Key Vault, Vormetric, other).
- Cloud security and/or architecture related certifications – CCIE Security, CIISP, MCSE, MCSD, AWS Certified Solutions Architect