Senior Security Architect

Provides advanced level skills and knowledge in the design and review of secure networks,
applications, systems, infrastructure, environments and security systems, ensuring requirements
are in line with Corporate information security policies and processes, as well as Line of
Business (including Cloud) security standards.

Qualifications:

• Minimum of 5 years related experience in an information security role, supporting security programs and security engineering/architecture in complex enterprise environments.
• Hands on experience with enterprise security architecture, engineering and implementation required.
• Ability to communicate with developers to explain how security controls and requirements pertain to their code and products.
• Familiarity with programming languages such as java, python, etc.
• Knowledge of cloud architecture and containers.
• Knowledge of compliance program security controls, like ISO 27001, SOC 2 and HITRUST as applied to cloud SaaS, PaaS and IaaS operations.
• Preferred, but not required: Bachelor-level university degree in a relevant field from an accredited university, or equivalent.

Provides advanced level skills and knowledge in the design and review of secure networks,
applications, systems, infrastructure, environments and security systems, ensuring requirements
are in line with Corporate information security policies and processes, as well as Line of
Business (including Cloud) security standards.
Evaluates existing and proposed technical architectures for security risk, provides advanced
technical advice to support the design and development of secure architectures and identifies
security controls to mitigate those risks.
Provides technical leadership regarding security protocols related to all aspects of enterprise and
cloud computing.
Evaluations of security architecture may include design assessment, risk assessment, threat
modeling and code review.
Designs automated toolsets for implementing security controls, and monitoring the security of
networks, systems and applications.
Identifies and prioritizes security design issues and vulnerabilities.
Conducts security research regarding threats, troubleshoots issues and manages upgrades on
security platforms.
Provides advanced level advice on data security issues, compliance, and privacy requirements.
May train and mentor other staff.