ObserveID is seeking a Cloud Security Architect to join our fast-growing Cloud Security and Engineering team. This person will play an integral part with respect to the research, design, and development of our Cloud security posture, infrastructure, policies, procedures, and tools for the current and evolving ObserveID SaaS platform.
The successful candidate will report to the Chief Product Officer. This person must be well-acquainted with industry best practices, as well as with intelligence and automation in a Cloud-Centric environment. To succeed in this role, the success candidate must possess excellent interpersonal and communication skills, be a team player, and be able to thrive in a fast-paced, high-growth industry.
Design and development:
- Hybrid/cloud-based security architecture systems that can be integrated with private and public clouds. This includes, but is not limited to, a deep understanding and knowledge of the AWS, Azure, GCP, and Oracle Cloud platforms.
- Cloud security architectures and perform architecture design reviews.
- Frameworks and solutions to secure CI/CD pipelines.
- Service security and compliance requirements for SaaS multi-tenant systems.
Lead and Perform:
- Risk assessment of proposed and existing system architecture for compliance with security best practices, recommending technical, administrative and physical controls to mitigate identified risks.
- Compliance efforts based on selected industry frameworks and compliance standards.
- R&D and Product Management on defining and prioritizing development of secure SaaS offerings.
- Security processes, tools, methods, and knowledge and security enhancements.
Implement and Maintain:
- Existing industry best practices of operational security controls, including monitoring, Identity & Access Management, and Encryption & Data Security.
- Training policies, relevant industry knowledge, and security awareness activities for personal use and team members.
- University/College Degree in Computer Science/Engineering or related field, and/or 10 + years of related work experience (required).
- Five years of work experience in software security, including Cloud platforms.
- Experience in infrastructure security, assessment, development, implementation, optimization, and documentation of comprehensive security processes, SDLC, and secure SaaS practices.
- Direct architecture experience with Amazon (AWS), Microsoft Azure, Oracle Cloud (OCP), and Google Cloud (GCP).
- Experience with risk assessment, development, management and threat monitoring.
- Experience with security review processes, data protection, cryptography, identity and access management (IAM) within Cloud environments, SaaS, IaaS, and PaaS.
- Experience with service-oriented architecture for Cloud-based services, security and governance tools, network administration security, and enterprise applications.
- Strong interpersonal and communication skills, attention to detail, hands-on technical abilities, and critical thinking skills.
- Experience with Identity-centric management and authentication protocols, including Active Directory and others.
- Experience performing threat modelling and design reviews to assess security implication requirements for introduction of new technologies.
- Experience in Linux, Unix, Windows OS, various network architecture and security configurations.
- Keen ability to multi-task by keeping track of numerous detail-intensive, interdependent tasks and ensure their accurate completion.
- Demonstrated ability to work independently and assume sole responsibilities effectively and also working on larger teams across functional areas.
Equity and Diversity:
ObserveID is proudly an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.
Notice to Agencies, Recruiters or Vendors:
Any unsolicited applications received on behalf of candidates by recruiting agencies or vendors without a valid agreement between the parties will not be considered by ObserveID. ObserveID will only work with recruiting agencies who have a valid agreement with ObserveID and that are specifically invited by ObserveID’s recruiting team to assist with searching for and submitting candidates for a specific position. Any unsolicited resumes or other candidate data submitted to ObserveID in any form, physical or electronic, will not be accepted and shall be considered ObserveID’s property. ObserveID will not pay any placement or other fees of any kind for any unsolicited resumes or candidate data that is submitted in violation of this policy. ObserveID does not accept liability under any legal theory such as course of conduct, oral agreements, implied contracts, or otherwise based on negotiations with a candidate identified from an unsolicited resume or data in violation of this policy.
Additional Privacy Information:
All candidate information submitted will be kept confidential according to EEO guidelines.