The Principle Security Architect, Infrastructure plays an integral role in defining and assessing the organization's security strategy, architecture and practices.
You will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.
You’ll use your leadership skills to give guidance, best practice advice and support across all our business and technology groups.
You’ll participate with incident response, risk reviews, and vulnerability assessments, identifying threats, which will lead to driving and selecting cost-effective solutions.
Deploy best practices, new policies, and emerging trends to strengthen our strategic roadmap. Keep executives, directors, management, and stakeholders in the loop as well as managing budgets.
What you will Do
Develop and maintain security architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations
Track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts
Participate in application and infrastructure projects to provide security-planning advice
Conduct or facilitate threat modeling of services and applications that tie to the risk and data associated with the service or application
Ensure a complete, accurate and valid inventory of all systems, infrastructure and applications that should be logged by the security information and event management (SIEM) or log management tool
Establish a taxonomy of indicators of compromise (IOCs) and share this detail with other security colleagues, including the security operations center (SOC), information security managers and DT Enterprise Architects
Review security technologies, tools and services, and make recommendations to the broader security team for their use, based on security, financial and operational metrics
Collaborate with DT Smart Home, Product Security Managers and teams to assess the security of operational technology (OT) and Internet of Things (IoT) systems
Liaise with the internal audit (IA) team and Security Governance Manager to review and evaluate the design and operational effectiveness of security-related controls
Architecting and designing IAM technology such as federation (SAML, OAuth, OpenID Connect), Multi factor Authentication (MFA), Single Sign On (SSO), Active Directory, API gateway access control, identity governance & administration.
The enterprise security architect will be expected to draft project plans for security service and technology deployments and coordinate with stakeholders across the organization.
Provide technical guidance and foster a collective understanding of data flows and security issues encountered in cloud applications and services
Staying abreast of changes in vendor landscape and providing guidance regarding cloud service offerings.
Lead Cloud Security DevOps with different scrum teams and plan user stories for sprints while addressing requirements and orchestrating security impact
Provide expert knowledge of cloud security architecture and consult with business and other technology teams to address complex application needs
Work closely with development teams on Infrastructure as Code, Automation, and Orchestration
Provide Security posture and best practices for deploying web and service-based applications in Windows / Linux environments using containers
Review network segmentation to ensure least privilege for network access
Validate security configurations and access to security infrastructure tools, including firewalls, proxies, IPSs, and WAFs
Design (and provision) network security policies and controls and dynamic routing
Design (and provision) VLANs and Isolated L3 networks compliant with required Zero Trust Principals
Strong experience with Directories, SSO, Federation, Delegated administration, API gateways, SOA services.
What you need to Succeed
Bachelor's or master's degree in computer science, information systems, cybersecurity, or a related field.
5 - 7 years' experience architecting solutions
5 - 7 years' experience in Information Security
CISSP - Certified Information Systems Security Professional
Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services
Possess significant breadth across other disciplines (e. g., enterprise security architecture, compute services, storage, large-scale networking, virtualization, data center, integration architecture (API), orchestration technologies (Openstack / Cisco), systems resiliency, service support, application development lifecycle management (DevOps), and service delivery).
Direct experience designing IAM technologies and services :
Strong working knowledge of IT service management (e.g., ITIL-related disciplines) :
Be a strong technologist with pragmatic view and creative mind, and a natural collaborator with line of business security architects, engineers, developers, application owners, service providers, and senior management.
Experience working with cloud security management / governance tools, Cloud Access Security Brokers (CASB), cloud services and 3rd party hosted services, and server virtualization products and technologies.
Excellent command of Cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies
Hands-on experience as an engineer or architect with public cloud technologies to include Amazon Web Services (AWS) and Microsoft Azure Cloud Platforms.
Proven experience securing cloud software, platforms and / or infrastructures.
Experience designing cloud security solutions, including creating artifacts, models, and strategy presentations.