Security Architect – AWS, Cloud, Threat, SOAR, remote
To work for a market leading SaaS provider of technology to the Financial Services industry to be based in London but is part remote.
Within their industry they use innovative architecture technology to enable their clients to ensure a wider reach of their services in a more effective and efficient way through their extensive use of APi extensibility.
They are looking for a top-level Security Architect who has extensive experience and a clear understanding within the CyberArk SaaS environments. The Security Architect will work with Engineering and Product teams to continuously improve the security posture of the services, whilst undertaking a leading role in the proactive security initiatives of the Global Security team. These will include leading threat hunting initiatives, penetration testing, red team, and the enhancement of their security operations and proactive security initiatives. The Security Architect will be familiar with information security industry best practices, modern automation tools and security testing in a Cloud environment. They will also be familiar with security monitoring, triage, technical incident response and threat intelligence capabilities. Someone with a security mindset who "thinks like an attacker".
• Perform risk assessments of proposed and existing system architecture for compliance with security best practices, recommending technical, administrative, and physical controls to mitigate identified risks
• Advise and collaborate on designing cloud security architectures and perform architecture design reviews
• Advise and collaborate on designing solutions to secure CI/CD pipelines
• Responsible for the Implementation, maintenance, and improvement of operational security controls
• Provide guidance to development teams on defining and prioritizing development of secure SaaS offerings
• Prepare and deliver security training activities to the development teams
• Acquire relevant knowledge, remain up to date, attend security conferences and be involved with the security community
• Drive and lead security processes, tools, methods, and knowledge and security enhancements
• Develop and enhance metrics that reflect the ongoing activities and successes of the Global Security team.
• Strong leadership.
• Understanding how to operate and develop security management systems
• Extensive experience with software security (security researcher, security engineer, security architect).
• Experience in Infrastructure security, security SDLC and secure SaaS practices
• Strong hands-on experience in:
o Cloud technologies and security controls in the cloud
o Network architecture and security configurations
o SIEM technologies
o Security Operations and Automation technologies (SOAR)
o Threat intelligence feeds and tools
• Think like an attacker
• Hand-on experience with AWS security best practices and AWS services
• Hand-on experience with threat intelligence and security operations best practices
• Security standards and practices (CSA, OWASP, SANS, etc.)