Jobs · Information Technology · Georgia

Security Architect

Veeam Software · Alpharetta, GA · Today
On-siteInformation Technology$150k–$234k/yrFull-time

Duties

  • Develop and maintain enterprise-wide security policies, standards, procedures, and guides.
  • Develop design and architecture on multi-component systems and services utilized by the Company.
  • Ensure control of their implementation.
  • Design and support secure system integrations between cloud platforms and enterprise data sources, including Azure Databricks, Salesforce, and ServiceNow.
  • Plan resources necessary for the implementation of security related projects.
  • Develop work plans for technical teams and monitor their implementation.
  • Participate in technical or project documentation development.
  • Participate in architecture and change review boards to assess security risks of proposed solutions across IaaS, PaaS, SaaS, and on-premises environments to propose mitigation strategy and controls.
  • Design and implement security controls aligned with frameworks such as NIST, ISO 27001, CIS Benchmarks, OWASP, MITRE ATT&CK and cloud security best practices.
  • Lead security assessments and audits to identify compliance gaps and recommend remediation strategies.
  • Design secure CI/CD pipelines incorporating static (SAST) and dynamic code analysis (DAST), software composition analysis (SCA), and vulnerability scanning.
  • Plan and manage security projects including infrastructure migrations, tool deployments, and process improvements.
  • Collaborate with enterprise architects, developers, and business stakeholders to ensure secure system design and implementation.
  • Evaluate and implement security technologies such as SIEM, Hardware Security Modules (HSMs) for code signing and key management, CNAPP, Zero Trust and other cloud-native security tools.
  • Design, implement, maintain and improve security processes, including vulnerability management, patch management, and incident response.
  • Collaborate with business and management to gather, analyze, and prioritize new projects.
  • Analyze and apply security best practices.

Qualifications

  • Bachelor’s degree or foreign equivalent in Automation Engineering, Information Technology, or related field.
  • 5 years of progressive work experience as a Security or IT Architect, or related occupation.
  • At least 2 years of prior work experience in each of the following:
    • Working on virtualization (VMware or Hyper-V) and designing security controls in cloud platforms (Microsoft Azure and AWS).
    • Reading and creating components, data flow, and business process diagrams based on BMPN and UML visual modeling languages.
    • Working on NIST, ISO 27001, CIS Benchmarks, OWASP, and MITRE ATT&CK frameworks as well as vulnerability management tools: Tenable One, Nessus, ServiceNow vulnerability management, and CMDB modules.
    • Securing CI/CD pipelines: SAST, DAST, SCA, and designing code signing processes using Hardware Security Modules.
    • Designing network architecture and security (VPN, Network Firewalls, and WAFs) and implementing Zero Trust architecture (Entra ID conditional access policies, and zero-trust access to private applications using Entra ID Application proxy or Zscaler Private access).
    • Working on Privileged Access Management and secret storage solutions using tools: Azure Key Vault, AWS Key Management Service, Delinea Secret Server, or Hashi Corp Vault.
    • Working on SaaS platform security using the following: Microsoft 365 applications, Salesforce, ServiceNow, and Azure Databricks.

Special Requirements

  • Must have at least 2 years of prior work experience in each of the following:
    • Working on virtualization (VMware or Hyper-V) and designing security controls in cloud platforms (Microsoft Azure and AWS).
    • Reading and creating components, data flow, and business process diagrams based on BMPN and UML visual modeling languages.
    • Working on NIST, ISO 27001, CIS Benchmarks, OWASP, and MITRE ATT&CK frameworks as well as vulnerability management tools: Tenable One, Nessus, ServiceNow vulnerability management, and CMDB modules.
    • Securing CI/CD pipelines: SAST, DAST, SCA, and designing code signing processes using Hardware Security Modules.
    • Designing network architecture and security (VPN, Network Firewalls, and WAFs) and implementing Zero Trust architecture (Entra ID conditional access policies, and zero-trust access to private applications using Entra ID Application proxy or Zscaler Private access).
    • Working on Privileged Access Management and secret storage solutions using tools: Azure Key Vault, AWS Key Management Service, Delinea Secret Server, or Hashi Corp Vault.
    • Working on SaaS platform security using the following: Microsoft 365 applications, Salesforce, ServiceNow, and Azure Databricks.

Skills

  • CISSP Certification.
  • One cloud architecture certification (AWS, Azure, or GCP).

Benefits

  • Salary: $149,968 to $233,854 per year.
  • Worksite: 2550 Northwinds Parkway, Suite 300, Alpharetta, GA 30009.

Similar jobs

Security Architect

Enzo HealthLehi, UT· 1 mo ago
Information Technologyapply on ats.rippling.com

Security Architect

thyssenkrupp Materials NASouthfield, MI· 1 mo ago
Information Technologyapply on jobs.thyssenkrupp.com

Security Architect

The Bridgespan GroupUnited States· 3 wk ago
RemoteInformation Technologyapply on phh.tbe.taleo.net

Security Architect

Veolia | North AmericaMilwaukee, WI· 1 wk ago
Information Technologyapply on jobs.smartrecruiters.com

Security Architect

AGFA HealthCareUnited States· 1 wk ago
RemoteHealthcareapply on agfa-gevaert-nv.contactrh.com

Security Architect

Internet Storm CenterManhattan Beach, CA· 3 days ago
Information Technologyapply on isc.sans.edu