Cloud Security Architect
Woodland Hills, CA

Job Description

Responsibilities:

Drivers for security in hybrid cloud include best practice design for the various elements of our SaaS business:

* Architecting for cloud-native CI/CD (how does the security testing/ infrastructure automation lifecycle change for a public/hybrid cloud environment? Microservices? Just-in-time computing?)
* Application portfolio and life cycle management (what efficiencies are to be gained and how do you manage risk in a CI/CD pipeline?)
* Secure Data management (what does a practical data protection ecosystem look like when you don't control the traditional perimeter?)
* Data/system analytics (how do we balance data science needs and security controls?)
* Configuration management/ file integrity
* Enterprise reference architecture management
* Expansion of the perimeter (network security architecture optimization)
* Centralizing security/reference architecture
* Security governance
* Cloud extensibility for Identity and access management (IAM)
* Technical security controls to enable clear visibility, prompt response to events, and adherence to regulatory compliance requirements.
* Key management, exchange and protection of secrets in hybrid cloud
* Database security and protection of unstructured data

Organizational skills critical to success for a Cloud Security Architect include:

* Defining design elements and decision criteria for selecting/optimizing solutions developed at the enterprise level
* Frameworks / standards introduction for enterprise hybrid cloud model
* Ability to drive strategy from inception to completion, driving maturity and centralization of architecture/design/security
* Ability to design purpose-driven, scalable, and cost-effective solutions (time/compute/overhead)
* Document current state architecture and capabilities and assess strategic design needs for increased scope and scale

Useful frameworks:

* Cloud Security Alliance secure cloud framework
* Open Data Center Alliance Cloud adoption framework
* TOGAF 9.2
* ISO27001
* Security and architecture frameworks specifically designed for machine learning and microservices

Qualifications:

* 7-10 years' experience as an enterprise level security architect, preferably for a SaaS company
* 3-5 years' experience as an enterprise level systems architect, preferably for a large hybrid or public cloud environment
* Experience delivering the drivers and organizational skills previously listed
* Enterprise Architect or Principal architect for one of the major cloud providers or a company with a large presence in the public cloud, specifically designing the enterprise reference architectures
* 7-10 years' hands-on experience with enterprise security architecture design for software and infrastructure
* 5+ years or more longevity in enterprise-level role in growing levels of responsibility
* Ongoing skills betterment through education/certifications/publications

The best candidate for this role can't wait to solve crushingly hard problems, sees the patterns in how systems are designed and deployed, and can teach others. This ideal candidate will not only have insatiable curiosity but be excited for change and be comfortable in a high-change, high-ambiguity, high-stakes environment. He or she will be native to a metrics-driven and technical environment, and be able to pivot from communicating with executives to whiteboarding and getting hands-on-keyboard with engineers.

At the core of everything we do is the service to the customer. We want our customers to feel safe automating their accounting practice and to have the best, fastest, and most optimized experience without compromising on security. They should be able to do their work anytime, anywhere, with complete peace of mind.