Position Description

Senior Information Security Cloud Architect
Location Montpelier, VT or Dallas, TX
Job Code 07ITIT79
# of Openings 1
Apply Now

Senior Information Security Cloud Architect     LOCATION: Montpelier VT or Addison, TX

What’s it like to work here?

At National Life, we do work that matters in a culture where people matter. Be part of a growing company, where you drive your career and have an impact every day.  We believe that growth isn’t just about numbers, it's about keeping promises to our customers and each other.  We see ourselves as “do gooders” who contribute to our company, our cause and our communities. 

What will my role look like?

As a Sr. Information Security Cloud Architect, you will work closely with IT and business senior leaders to drive a security-minded culture, while defining standards and maintaining security controls at the Enterprise level. Within our growing organization, you will have the critical responsibility to identify, document and communicate complex security and technical issues, in a simplified, non-technical way to a broad audience; from developers to senior executives. You are a curious, self-starter joining an organization that is technologically and digitally transforming. You are willing to challenge the status-quo with the mindset of continuous improvement and a drive for seamless execution.  Reporting to the Director of Information Security, you will be a security champion that influences and inspires people from a range of disciplines, as well as colleagues and internal clients at every level.

Define and Design

  • Work across the business to define technical and functional requirements covering areas of software design, including microservice APIs, Cloud Services (Azure, AWS, etc.), and XaaS integration

  • Work with software/infrastructure architects and leads to ensure security components (security technology, operations, and management) are integrated into the design as defined in the requirements

  • Azure Enterprise Mobility and Security Suite (EM+S) design and implementation

  • O365 Security and Compliance control and standards

  • Governance process to ensure continued compliance to stated security design requirements

  • Assist in designing containerization/microservices security architecture, standards and procedures

  • Design and develop cost effective security solutions that meet functional, technical, and performance requirements

Evaluate

  • Review security architecture deliverables throughout software/system development to ensure quality and requirement traceability

  • Security design with stakeholders to ensure the design satisfies the requirements.

  • Ensure adherence to all regulatory and security industry best practices (NYDFS, FINRA, OWASP, SANS, NIST)

  • Assess the software/systems security architecture, ensuring that it meets business and security requirements, as well as industry regulations

  • Security Architecture from hardware, network and software

  • Identify gaps and omissions in the end to end solution

  • Take ambiguous requirements and identify, suggest, and implement effective compensating controls in a complex, fast-moving, and regulated cutting-edge environment

Collaborate and Communicate

  • Identify and communicate any cross area or cross release issues that affect other project areas

  • Work with other software/infrastructure architects and leads to define a governance process to ensure continued compliance to stated security design requirements

  • Document and communicate the status of progress against plans, taking corrective action as necessary

Qualifications:  Does this sound like you?

Education & Experience

  • Bachelors (BS) degrees in related technical field AND 6 years’ IT Security experience or 10 years’ experience including following:

  • Designing and building secure systems, networks, and infrastructures

  • Defining enterprise, infrastructure, or application security architecture and security standards

  • Defining cloud architectures and API web-services delivery, risks, and controls

  • Experience in two or more of the following security frameworks and standards; NIST CSF, NIST 800-53, ISO/IEC 27001, ITIL, COBIT, SABSA, TOGAF

  • 4+ years demonstrated experience leading design and implementation of technologies in a Microsoft Azure public cloud environment

  • Experience with Cloud Security Alliance Framework

  • Experience designing and implementing Container Security, API Security, and Azure Cloud Security

  • Demonstrated experience in security integration using oAuth, OpenID Connect, SAML, and LDAP

  • Certified Information Systems Security Professional (CISSP) required or able to attain within 6 months of hire

  • Strong knowledge of Containerization technologies such as; Kubernetes, Openshift, Docker

  • Knowledge of security industry best-practices, including nonrepudiation, auditing, and monitoring

  • Familiarity with agile development

Preferred Credentials

  • Azure Solutions Architect

  • Offensive Security Certified Professional (OSCP)

  • Certificate of Cloud Security Knowledge (CCSK)

  • Information Systems Security Architecture Professional (ISSAP)

How You Show Up

You’re a coach who knows how to guide others.  You’re a good listener and an effective communicator who can execute, lead by example and add business value.

You want to part of a culture and a team where you have a voice, and you respect the voices of others.

Back Apply Now