Lead Security Architect - Infrastructure/network/Cloud
Posted on May 5, 2022 by Request Technology - Robyn Honquest
Lead Security Architect
The focus is on network and infrastructure security, cloud AWS azure or gcp. Firewalls, web applications, SAAS cloud services, NIST ISO PCI MITRE ATT&CK OWSAP ASVS vulnerability management technologies server database and infrastructure security and resiliency Kubernetes and containers
We are looking for an experienced security architect to bring deep knowledge of current and future-looking security practices for our networks and infrastructure. The Security Architect will develop the patterns, frameworks, and standards for Grainger partnering with technologists from across the company.
The Security Architect role is highly collaborative in nature with strong communication skills, an influential personality, and a level of expertise that can be substantiated with compelling justifications or insights to key stakeholders and technical teams.
This role leads the evaluation, analysis, and development of architectures, strategies, roadmaps, staying aware of trends in the industry which can be successfully applied to business.
- Security Consultation to stakeholders, SMEs, and project or product teams
- The security resource who can speak to security requirements, controls, and implications for new technologies, products, services, or designs across the technology landscape.
- A go-to resource for teams seeking deeper clarity, potential solutions, or recommendations for meeting security requirements when path forward is uncertain.
- Security analysis and guidance from within the Security Team.
- Constructive review of existing environment standards, designs, tools, and services to determine areas of weakness, inconsistency, or exposure, this while offering recommendations for IT remediations and maturity.
- Thoughtful analysis and alignment with Security Operations and GRC to ensure alerting, metrics, and reporting are conveying information to further reinforce security standards or identify deviations.
- Defining security architecture, standards, and solutions within one or more domains
- Develop conceptual and logical security architectures to inform and influence product selection and application
- Firewalls, networking, routing, load balancers, and related
- Zero trust, zone-based architecture, defense in depth, SASE, SSE, and micro-segmentation
- Identity-based network access, time-bound access to networks, and NAC
- Wireless technologies, 802.1x, WPAx, and wireless in IoT and industrial applications
- Intrusion detection/prevention, threat protection, application and content identification
- Web application Firewalls (WAF), application and reverse proxies, DDoS protection strategies
- SaaS cloud service security (O365, Salesforce, ServiceNow, etc.)
- AWS, Azure, GCP, and other commodity IaaS vendors
- NIST 800-53, NIST CSF, ISO 27001, PCI-DSS, HIPAA, etc.
- SABSA, TOGAF, and enterprise architecture frameworks
- Frameworks such as MITRE ATT&CK and OWASP ASVS, with the ability to articulate how the frameworks assist in enhancing security.
- Vulnerability management technologies and secure development tools.
- Threat modelling methodologies and frameworks
- Server, database, and infrastructure security and resiliency
- Kubernetes and containers
- Internet of Things (IoT), Operational Technologies (OT) and industrial control
- Bachelor's Degree in Computer Science (related) or equivalent experience as a hand-on security architect/senior security engineer.
- 7+ years of IT Security Experience. Industry certifications are highly desired (ie CISSP, CCSP, or other advanced-level certifications).
- Highly technical and analytical expertise, with a proven background in security technology design, implementation, and delivery. This individual must be comfortable providing metrics, analysis, and quantitative/qualitative evidence to drive an expected security outcome.