Senior Security Architect
About The Position
As a security architect, your responsibilities will include reviewing our current security measures, identifying areas of weakness, recommending enhancements, and implementing the controls needed to mitigate the risks of security breaches. You will also be responsible for conducting regular system tests and ensuring continuous security monitoring.
As a successful security architect, you should think like a malicious hacker. You should understand and anticipate the moves and tactics a hacker might use to try and gain unauthorized access to Fireblock’s computer system. You should have experience in information security, with a strong understanding of security protocols, authentication, and security engineering.
- Review security for code/design/architecture and requirements.
- Identify & mitigate security gaps in existing or proposed architectures and recommend technical, administrative, and physical controls to identified
- Plan, research, and design security architectures for Fireblocks production & IT processes (e.g. R&D development, customer support, HR, etc.)
- Lead vulnerability testing and security assessments (threat modeling).
- Recommend and document security gaps & proposed architecture.
- Align security standards & frameworks with overall business and technology strategy.
- Acquire relevant knowledge, remain up to date, attend security conferences, and be involved with the security community.
- 5+ years of experience with information security (security researcher, security engineer, security architect).
- Bachelor’s Degree in Computer Science or CISSP/CISM certification - advantage
- Risk assessment and threat modeling to identify risks associated with business processes, operations, technology projects, and information
- Security considerations of cloud computing, including data breaches, hacking, account hijacking, malicious insiders, third parties, authentication,
APTs, data loss, identity and access, and OWASP attacks.
- Ability to interact with a broad cross-section of personnel to explain and enforce security measures.
- Strong hands-on technical abilities.
- Ability to keep track of numerous detail-intensive, interdependent tasks and ensure their accurate completion.
- Design, review and develop cloud security architecture.
- Design and develop frameworks and solutions to secure CI/CD pipelines.
- Product & infrastructure security, knowledge in SSDLC, and secure SaaS practices.
- Respond to security-related incidents with the Security Operations team and provide thorough remedial solutions and analysis.