Security Architect

Overview

The Security Architect within Radancy’s Enterprise Architecture (‘EA’) group works with systems and software engineers, as well as Radancy’s Governance, Risk, and Compliance group (‘GRC’) for all matters related to the design and development of secure application and infrastructure architectures for Cloud, Hybrid, and On-Prem infrastructure for internal and client stakeholders. The Security architect is responsible for advising teams on secure design standards, as well as coordinating with those teams to implement effective and secure solutions and producing design documents and artifacts used in the implementation phase of those projects. The Security Architect works closely with the GRC team to ensure proper oversight of the security and compliance of the organization.  The GRC team’s focus is to identify current and future risks to Radancy’s Unified Platform and corporate computing environments, and to provide consistent and coordinated responses to Information Security, Regulatory, and Compliance incidents and events.  

Studies have shown that women and people of color are less likely to apply for jobs unless they believe they meet every one of the qualifications in a job description. Our top priority is finding the best candidate for the job and if you are interested in the position, we would encourage you to apply, even if you don’t believe you meet every one of the qualifications below.

Verantwoordelijkheden

• Understand the security requirements of our Product software stack and IT environment.

• Apply threat modeling techniques to evaluate risks and threats to Radancy technology; Formulate security architecture recommendations based on those threat models. 
• Actively participate in systems design to ensure consistent implementation of security policies and procedures. Support technology teams in the project kickoff and design phase, guiding teams to appropriate security architectures. 
• Ensure that existing systems and network architecture comply with company security policies, standards, and procedures. 
• Provide technical guidance and expertise for internal technology teams to enhance their security practices, educate process owners on the importance of controls, and an effective control environment. 
• Review information risk and advise on Technology Projects, Change Management Process, Significant changes to IT procedures, IT Asset Management, 3rd Party Vendor Contracts, IT Disaster Recovery Plan/Process, Record Retention Process, and Internal or external audit findings. 

• Stay up to date on Cybersecurity trends and advances and help to update the information security strategy to leverage new technology and threat information. 
• Research emerging technologies in support of security enhancement and development efforts.
• Assist in responses to external audits.
• Create regular reports for upper management based on metrics and data analysis. 
• Continuously identify gaps in security program coverage.
• Develop and enhance information security documentation, such as policies, standards, and procedures. 

Qualifications

• Familiarity with process and architecture modeling (e.g., TOGAF, Archimate).
• Strong practical knowledge of web security standards (e.g., SANS Top-20, OWASP Top-10, etc.).
• Experience securing web applications and a strong understanding of web application design, functions and Software Development Life cycle. 
• Familiarity with the concepts of CASB, Data Lakes, Hadoop, Machine-Learning.

• Experience in analyzing data and providing metrics, technical diagrams, topology maps, reports, and presentations. 
• Technical Domain Knowledge: 

• Server and Desktop Operating Systems and Networking 
• Scripting and Programming experience  
• Access Management, including Remote Access/Authentication Solutions 

• EDR, AV, and SIEM tools  
• Cryptography, standards and protocols such as PKI, Key management (software and hardware based), key lifecycle, digital certificates, SSL/TLS, SSH, integration into overall security architecture and means to operationalize. 
• Wireless Security  
• Network Intrusion Detection and Prevention Systems 
• Cloud Technologies  

• Virtualization  
• CI/CD and Development Pipelines  
• Containerization 
• Authentication  

• 7+ Years working in IT, Information Security, Architecture, or Engineering (with an emphasis on Network/Systems/Cloud Security Architecture preferred).
• Industry Certification (e.g., CISSP, CISM, CCNP).
• Ability to occasionally adjust work schedule to meet business needs (occasional after hours and weekend requirements).
• Ability to work effectively with both local and remote staff, teammates, managers, MSPs, and contractors. 
• Ability to drive adoption of security architecture standards. 
• Familiarity with the following regulatory and control frameworks: ISO 27001, ISO 27002, NIST 800 series publications, SOC 2, HITRUST, CIS, CSA, GDPR, CCPA, Cross Border Data Transfer and Data Localization requirements.

 

Join the global leader in talent acquisition technologies that’s committed to finding new ways to leverage software, strategy and creative to enhance our clients’ employer brands – across every connection point. We’re looking for unconventional thinkers. Relentless collaborators. And ferocious innovators. Talented individuals who are ready to work towards solutions that transform the way employers and job seekers connect.

 

Salary Range: $135,000.00-$155,000.00
*The above range is based on a wide array of factors unique to each candidate, including but not limited to skill set, years and depth of experience, certifications, and specific office location.

 

Radancy is an equal opportunity employer and welcomes all qualified applicants regardless of race, ethnicity, religion, gender, gender identity, sexual orientation, disability status, protected veteran status, or any other characteristic protected by law. We actively work to create an inclusive environment where all of our employees can thrive.