Security Architect ›
Filevine
IT
Salt Lake City, UT, USA
Posted on Dec 22, 2024
Responsibilities
- Provide security architectural review of development projects throughout the SDLC on a rapid cycle including specifying minimum security requirements.
- Provide security reviews and recommendations for SAAS and desktop applications (Mac and Windows) for the Filevine product.
- Provide security review and recommendations on various subsystems, such as email and calendaring plugins across various operating systems and browsers.
- Experience with helping enhance the security on new Filevine products including the secure use of Ai tooling and their implementation.
- Improve monitoring capabilities for cloud environments to improve detection of security issues.
- Strategize and outline goals and objectives to secure the cloud environments and cloud applications while enhancing the application security program.
- Investigate security incidents.
- Install security measures and operate software/hardware to protect systems and information infrastructure, including network and web firewalls, and data encryption programs.
- Document and research best practice architecture designs as part of an overall risk management strategy.
- Work with internal teams to perform tests and uncover network vulnerabilities.
- Help remediate detected vulnerabilities to maintain a high-security standard.
- Stay current on cloud security standards, trends and news.
- Develop company-wide best practices for cloud security.
- Research security enhancements and make recommendations to management.
Qualifications
- 5+ years combined in information technology/security with emphasis on network security. A BS/MS degree in a technical field such as information security or computer science can be considered as supplementary experience.
- Strategize and outline goals and objectives to secure Cloud environments and Cloud applications while building the application security program.
- Ensure Filevine is following cloud security best practices for cloud environments. Ensure appropriate cloud logging, monitoring and response efforts are in place to protect Filevine and our customers. Excellent history in advising and executing security architecture design and assessments.
- Great degree of familiarity with designing and implementing secure Enterprise cloud networks.
- Significant experience with SIEM and logging technologies.
- Knowledgeable with Threat Hunting practices.
- Expert knowledge with SOAR platforms and creating run books / play books.
- Experience with cloud hardening best practices.
- Experience with both executing and defending network penetration tests.
- Security Architectural Experience with two (AWS, GCP, Heroku and/or Azure) cloud infrastructure platforms.
- Experience with container security for Windows & Linux operating systems. Working knowledge of security requirements for SOC 2 Type I & II, HIPAA, GDPR, CCPA and CJIS. Significant experience with security engineering, incident response and security operations best practice.
- Significant experience with orchestration and observability tools.
- Strong Project Management experience.A strong curiosity, initiative, persistence, and willingness to experiment to provide solutions to diverse technical challenges.
- Experience with scripting and development languages (e.g., JavaScript, Python, Java, C++)Automation skills are a plus.
- Strong team player and work ethic are essential.
Preferred Qualifications
- CISSP Certification or equivalent experience.
- AWS Certified Cloud Practitioner (Foundational) or equivalent experience.
- AWS Certified Developer – Associate or equivalent experience.
- AWS Certified DevOps Engineer – (Professional) or equivalent experience.
- Certified Cloud Architect (CCA) or equivalent experience.
- Certified Cloud Professional (CCP) or equivalent experience.
- Certificate of Cloud Security Knowledge (CCSK) or equivalent experience.
- CompTIA Cloud+ or equivalent experience.
- CompTIA Cloud Essentials+ or equivalent experience.
- Google Associate Cloud Engineer or equivalent experience.
- Google Professional Cloud Architect or equivalent experience.
- Microsoft Certified Azure Fundamentals or equivalent experience.
- Microsoft Azure Administrator Associate or equivalent experience.
- Microsoft Azure Solutions Architect Expert or equivalent experience.