Senior Security Architect
San Francisco, CA, US
Joyent is the high-performance cloud infrastructure company built to power real-time web and mobile applications.
Joyent is currently seeking a Senior Security Architect who will be responsible for providing high-level security architecture design and implementation, coordinating information security efforts within the company, and identifying security initiatives and standards for safeguarding information assets held by Joyent. This will involve interacting with and working closely with business managers, the executive management team and peers.
The Senior Security Architect is involved with establishing, implementing and maintaining enterprise and cloud information security tools, which includes procedures and policies designed to adequately protect enterprise communications, systems and assets from both internal and external threats. A key element of this role is working with interdisciplinary technical teams within Joyent to mitigate excessive levels of risk for the organization. They must be highly knowledgeable about the business environment and must ensure that information systems are maintained in a fully functional, secure state.
- Architect, develop and document industry best practices to support company initiatives while meeting performance and availability requirements
- Practical knowledge of cloud security architectures, must be able to document architectural flaws and provide recommendations for remediations
- Provide architectural guidance on the proper design, deploy, and operation of security infrastructure and network infrastructure
- Experience in information security domains such as identity management, access management, threat and vulnerability Management, security architecture, secure software development, data security, cryptography, as well as in GRC
- Continuously assesses System and Network Architectures to ensure they are adhering to best security practices
- Architect, develop, and design SIEM, data analytics, threat intelligence, and other tools for use in a SOC environment
- Collaborate with Product, Operations and Engineering organizations to understand requirements and develop security architecture specifications around project initiatives.
- Research new security technologies and adopt suitable best practices to solve industry obstacles and security threats
- Provide technical leadership within the area of expertise and mentor security engineers
- Ensure confidentiality, availability and integrity of cloud information systems and processes across the cloud infrastructure
- Audit existing security standards: to include engineering designs, implementation, and guidelines and provide documented guidance on how to improve upon them
- Provides guidance and collaborates with security engineering team to deploy and maintain internal security systems such as IDS/IPS, DLP, VPN, WAF, and vulnerability scanners
- Comprehensive understanding of security hardening for hosts, services, applications, web applications, and database applications
- Work with business colleagues to review RFPs, RFIs etc., and provide security and risk-related input into proposals
- Monitor the external threat environment and information security trends internal and keeps business leadership informed about information security-related issues and activities potentially affecting the organization
- Serve as a senior information security subject matter expert for the incident response team and handle escalations of any possible incidents impacting the company
- Provide guidance on prioritization and remediation of security issues
- Provide architectural guidance of AAA, PKI, key-based cryptography and authentication, including the storage and rotation of keys
- Up to 10% travel
- Must have a solid overall understanding of information technology and information security practices and trends
- Strong network security skills centered on firewalls, DDoS, access control, and secure network design
- Expert Linux/Unix Skills
- Hands-on Public Cloud (IaaS) experience – One or more of AWS, Azure, etc
- Provide expertise and guidance to security engineering staff in the deployment of security tools
- Passionate about automation, performance, reliability, visibility, and finding creative solutions to complex security issues
- Must be an intelligent, articulate and persuasive leader who can serve as an effective member of the team and who is able to communicate security-related concepts to a broad range of technical and non-technical staff
- Ability to work with cross-functional, interdisciplinary teams to achieve tactical and strategic information security goals
- Experience with any two (2) security frameworks including ISO, NIST SP 800-53, HIPAA, PCI, FISMA, FedRamp, HITRUST, or NIST CSF
- Demonstrable expertise of cryptographic concepts and techniques, including encryption, hashing, and key management.
- Knowledge of security risks unique to cloud environments, API security vulnerabilities and remediation measures
- Experience using a high level scripting language for administration, monitoring and automation
- Strong attention to detail, organizational skills, problem solving, troubleshooting and documentation skills
- Korean language skill is a plus
- 7+ years experience in an information security engineering role
- Bachelor’s degree in information technology or related field, or equivalent experience.
- Advanced degree in technology related field is a plus
- Technical security related certifications are a plus:
- Industry Certifications – e.g. GIAC, ISACA, and (ISC)²
Joyent, a wholly-owned subsidiary of Samsung, is the open cloud company. With its Triton Kubernetes services and support, Joyent helps its customers build and operate modern cloud native applications across multiple clouds. Joyent’s Triton Private Regions provide low cost, dedicated cloud infrastructure that gives its customers the ability to own their data and control their cloud costs.
To apply, please submit a brief introduction, a copy of your resume, and a link to your Github or LinkedIn profile to firstname.lastname@example.org with Senior Security Architect in the subject. Qualified applicants with criminal histories will be considered for the position in a manner consistent with the Fair Chance Ordinance.
View All Open Positions at Joyent