Data Analytics Security Architect

Cloud Security Architect focus on Data Analytics

WHO YOU'LL WORK WITH

You will be based in either the Atlanta or Waltham office as part of our core Cloud Data and Analytics team responsible for designing, implementing and supporting the heart of how the firm functions in the cloud.

This team is responsible for supplying the developers, data engineers, data scientists and analytics teams with capabilities to exchange data in real-time, near real-time or in batch mode in the most efficient, secure and scalable way. We deal with the most sensitive data, so everything we do begins and ends with security and authentication, authorization and the implementation of directive, detective, preventative and corrective controls are key to all that we do.

WHAT YOU'LL DO

You will review application functionality, architecture and configurations to advise and assist with the building of compensating controls where security requirements cannot be met.

In this role, you will help prioritize and assist with remediation of any vulnerabilities identified through code scanning and other audit findings. In addition to advocating for compliance to our firm standard and guidelines within the Enterprise data and integrations group, you will also contribute and highlight opportunities to improve them. You will work collaboratively within the group to help team members make informed, risk-based decisions by role modeling and advocating for security principles and incorporating a stronger cybersecurity mindset into the team. You will enable the firm to leverage various Cloud technologies. With a thorough understanding of cloud architecture and Secure by Design, you will design, develop, and manage robust, secure, highly available and dynamic solutions for information systems intended to drive business objectives.

QUALIFICATIONS

• Bachelor's or master's degree in computer science, information security; or a related field

• 5+ years of experience working within information security

• Broad experience working across multiple information security domains (security architecture and engineering, identity and access management, software development security, communications and network security, security assessment, security operations and security and data risk management)

• Hands-on and practitioner experience working with cloud providers (AWS, Azure, GCP)

• Experience reviewing and assessing solution architectures in the cloud

• Familiarity with security frameworks (NIST, OWASP, PCI DSS) and risk management methodologies

• Comfortable with methodology of codifying security templates and policy decisions and socializing them with other teams, using Terraform and/or Cloud Formation

• Strong technical knowledge and understanding of web application and container security, in particular SecDevOps and SDLC

• Ability to review application functionality and architecture to advise and assist project teams on building compensating controls where security requirements cannot be met

• Preferred understanding of Pentesting concepts (Network, Application, APIs, Products)

• Professional certifications (AWS Security Specialty, bCISSP) preferred