This is a remote position.
Location
Remote from LATAM
Employment Type
Full-time contractor
Overview: A Senior Security Architect is a highly skilled professional responsible for designing and managing the strategic design of systems, policies, and technologies that protect an organization's IT and business assets from cyber threats. They will ensure that the organization's security architecture aligns with business objectives and industry standards while safeguarding against current and emerging threats.
Key Responsibilities: Security Architecture:Design and maintain robust security architectures, including contextual, conceptual, logical, and physical aspects, adhering to security frameworks and best practices. Develop and manage the Security Architecture Lifecycle model.
Security Strategy:Develop and maintain a comprehensive security strategy aligned with the organization's overall business objectives, leveraging security frameworks like SABSA, O-ESA, and OSA. Develop and manage security strategy roadmaps.
Security Architecture Artifacts:Development of models, policies, standards, and procedures aligned with security architecture models.
Security Standards:Ensure compliance with industry standards and regulations, such as NIST, PCI DSS, GDPR, and ISO 27001, while incorporating security frameworks for a structured approach.
Risk Assessment:Conduct regular risk assessments using established methodologies to identify potential vulnerabilities and prioritize security measures. Ensure integration with broader enterprise risk management practices.
Technology Evaluation:Research and evaluate new security technologies and tools to enhance the organization's security posture, ensuring alignment with security frameworks and best practices.
Cloud Security:Design and implement cloud security architectures for platforms like AWS, Azure, and GCP, ensuring the application of cloud security standards.
Incident Response:Collaborate with incident response teams to ensure security architecture supports the detection and response to threats. Ensure architecture evolves based on post-incident reviews.
Emerging Threats:Stay current on emerging security threats and trends, and incorporate mitigation strategies into the security architecture.
Compliance and Governance:Ensure alignment with governance frameworks such as COBIT, and oversee security audits and regulatory compliance activities.
Collaboration:Work with cross-functional teams to ensure security requirements are embedded in systems development, IT operations, and business processes.
Required Skills and Qualifications: Technical Expertise:In-depth understanding of security principles, concepts, and technologies, including detection, prevention, and response controls. Experience with encryption, authentication mechanisms, network security, and application security.
Cloud Expertise:Experience with securing cloud platforms (AWS, Azure, GCP), including cloud-native security tools, cloud security best practices, and architecture design patterns.
Certifications:Relevant security certifications such as CISSP, CISM, ISSAP (Information Systems Security Architecture Professional), Certified Cloud Security Professional (CCSP), and certifications aligned with security architecture frameworks like SABSA, O-ESA, and OSA.
Experience:Minimum of 7-10 years of experience in security architecture and design, with a focus on applying security frameworks. Experience in designing security for both on-premises and cloud environments.
Automation and DevSecOps:Familiarity with DevSecOps methodologies and tools to integrate security into the software development lifecycle. Experience with Infrastructure-as-Code (IaC) security practices.
Security Operations:Knowledge of security operations practices and tools, including SIEM, vulnerability management, and identity and access management (IAM).
Problem-Solving:Ability to identify and resolve complex security issues, leveraging security frameworks for guidance and best practices.
Communication and Negotiation:Excellent communication skills, both written and verbal, to effectively collaborate with technical teams, stakeholders, and executives.
Leadership:Ability to lead and mentor security teams, promoting the adoption and implementation of security frameworks. Experience influencing organizational change related to security culture and practices.
Business Acumen:Ability to align security strategies with business goals and articulate the business value of security investments to stakeholders.
Compliance Knowledge:Familiarity with privacy laws and regulations such as GDPR, CCPA, and HIPAA, and the ability to design security systems to ensure compliance.
What we offer 100% remote work
Company's Laptop
Salary in US dollars
Career Development
English lessons
Referral Program
Vacations - 12 days per year
Personal time off - 2 days per year
Sick leave - 2 days per year
Day off on your birthday
Stateside is an equal opportunity employer dedicated to a policy of non-discrimination in employment on any basis, including age, sex, color, race, creed, national origin, religion, marital status, sexual orientation, political belief, or disability.
#J-18808-Ljbffr