Sr. Lead Cybersecurity Architect

Job responsibilities

• Engages technical teams and business stakeholders to discuss and propose technical approaches to meet current and future cybersecurity needs
• Defines the technical target state of their cybersecurity product and drives achievement of the strategy
• Identifies opportunities to eliminate or automate remediation of recurring issues to improve overall cybersecurity of software applications and systems 
• Leads evaluation sessions with external vendors, startups, and internal teams to drive continuous improvement and assess cybersecurity design and technical credentials for use in existing systems and architecture
• Participate in security design and architecture reviews of projects, ensuring compliance with the latest security practices. 
• Develop and implement comprehensive security architectures for new and existing products
• Lead security assessments and threat modeling to identify vulnerabilities and recommend mitigation strategies. 
• Identify gaps in product architecture as defined by Senior Security Architects and create detailed documentation of threats and mitigations for small software applications, ensuring comprehensive coverage of security threats. 
• Work closely with stakeholders to communicate security risks and solutions effectively. 
• Adds to team culture of diversity, opportunity, inclusion, and respect 

Required qualifications, capabilities, and skills

• Formal training or certification on cybersecurity architecture concepts and 5+ years applied experience
• Hands-on practical experience in delivering system design, application development, testing, operational stability and enterprise level cybersecurity controls. 
• Advanced understanding of agile methodologies such as continuous integration and delivery, application resiliency, and security​ 
• Proficiency in automation and continuous delivery methods  
• Proficiency in all aspects of the Software Development Life Cycle​ 
• Demonstrated proficiency in software applications and technical processes within a technical discipline (e.g., public cloud, artificial intelligence, machine learning, mobile, etc.)   
• A deep understanding of cloud security architecture (AWS), security protocols, cryptography, authentication, authorization, vulnerabilities, and remediation techniques. 
• Demonstrated knowledge of application security, network security, IT risk management, and architectural concepts and patterns. 
• A solid understanding of product security fundamentals, with expertise in performing threat modeling and a working knowledge of exploit writing. 
• Familiarity with modern front-end technologies (React, Javascript etc.). 
• Excellent communication skills, with the ability to articulate security risks to executive audiences while also engaging in solution development with engineers. 

• Experience in incident response. 
• SANS certification, CISSP, and/or AWS certifications. 
• Proficiency in coding in one or more programming languages.
• Strong knowledge of security frameworks, standards, and best practices (e.g., OWASP, NIST, ISO 27001). 
• Excellent problem-solving skills and the ability to think critically and strategically. 

#CTC