Job responsibilities
- Guides the evaluation of current cybersecurity principals, processes, and controls, and leads the evaluation of new technology using existing standards and frameworks
- Provide thought leadership for securing on premise and cloud based AI/ML solution architecture
- Design comprehensive security architectures for cloud infrastructure projects
- Design secure networks and systems based on industry standards and best practices
- Identify and address security vulnerabilities, security risks, and other compliance issues
- Create and communicate threat models
- Partner with product managers to create key objectives and roadmaps
- Works with stakeholders and senior leaders to recommend business modifications during periods of vulnerability
- Serves as function-wide subject matter expert in one or more areas of focus
- Actively contributes to the engineering community as an advocate of firm wide frameworks, tools, and practices of the Software Development Life Cycle
- Adds to team culture of diversity, equity, inclusion, and respect
Required qualifications, capabilities, and skills
- Formal training or certification on software engineering/architecture concepts and 5+ years applied experience
- Hands-on practical experience delivering enterprise level cybersecurity solutions and controls
- Advanced in one or more programming languages or applications
- Advanced Technical knowledge in architecting, designing, and Integrating security solutions in a large-scale enterprise of highly distributed applications
- Advanced knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (e.g., public cloud, artificial intelligence, machine learning, mobile, etc.)
- Strong knowledge of Artificial Intelligence and Machine Learning Security concepts, threats, and vulnerabilities including Generative Large Language Models
- Strong understanding of cloud computing concepts and services such as AWS, Azure, GCP, etc
- Ability to tackle design and functionality problems independently with little to no oversight
- Practical cloud native experience
- Ability to evaluate current and emerging technologies to select or recommend the best solutions for the future state architecture
Preferred qualifications, capabilities, and skills
- Knowledge of networking protocols and techniques, such as TCP/IP, routing, DNS, DHCP, etc.
- Knowledge of IAM concepts, including but not limited to provisioning, PAM, RBAC, ABAC, SCIM, LDAP, and governance and authorization standards
- Experience with federated identity platforms/products
- Experience with API security and public cloud APIs and integration
- Deep familiarity with frameworks such as NIST 800-53, OWASP, CVSS, the MITRE ATT&CK frame, MITRE Atlas, PCI, and Gramm-Leach-Bliley Act (GLBA).
- Experience using cloud infrastructure as code (IaC) using frameworks like Terraform
- Experience with microservices designs and implementations including docker, Kubernetes, etc…