The Security Architect is responsible for providing leadership, vision and strategy in the comprehensive development, planning and execution of security and privacy within Arbonne's environment in an effort to continuously improve security posture. He/she will also gather and validate security requirements, design scalable end-to-end solutions and provide architectural support across a wide variety of systems and platforms in support of Arbonne's business needs. Components will include but are not limited to hardware, software, networking, web environments and security. He/she will prepare solution documents and consult with appropriate Arbonne technical teams to assure solution(s) can be delivered within specifications.
The Security Architect will also be responsible for the definition of strategy, architecture and implementation of encryption, digital signatures, public key infrastructure, intrusion detection, intrusion prevention and incident response. Duties include: ensuring an audit-ready posture, protection from attacks, protection from unresolved vulnerabilities, assessing the risk of intrusion from internal/external threats and points of failure, eDiscovery, and identifying risk mitigation strategies.
The Security Architect will also monitor security technology trends and requirements, such as emerging standards for new technology opportunities. He/she will develop and execute security plans. This may include managing joint development with third-party vendors and consultants and providing guidance to other Arbonne departments, including senior leadership. Ensure, and create as needed, security processes, practices and operations to ensure reproducible development and high quality, while keeping costs under control. Provide training to staff and contractors related to security.
location: IRVINE, California
job type: Permanent
salary: $115,000 - 165,000 per year
work hours: 8am to 5pm
responsibilities:
ESSENTIAL DUTIES, RESPONSIBILITIES AND COMPETENCIES
General
- Define and create actionable events within our monitoring systems that proactively identify service impacting events.
- Design, configure, and support security deployments which include:
  - Firewalls (FortiNet)
  - Anti-Virus / Host based or End Point solutions
- Perform APT correlation between multiple event sources such as firewall and system logs, threat intelligence feeds, anti-virus logs, IDS and IPS logs.
- Conduct / Coordinate Vulnerability Assessments as required.
- Conduct Risk Assessments as required.
- Assist internal and external clients with security events / incident response activities as needed.
- Actively participate in staff mentoring and ongoing internal employee Security training.
- To be a public representative of the company.
- Own Security incidents through to resolution.
- Produce transparent written and verbal communications.
- Prioritize time and financial spend to maximize spend / risk reduction return.
- Create controls, mitigation strategies and frameworks as needed.
- Ensure expectations of Corporate policies are met and communicated transparently to both internal and external customers.
- Assisting in the creation and maintenance of enterprise security policies, controls, and standards
- Analyze and continually recommend improvements to the security posture.
- Perform other security related duties as required and assigned
- From time to time, special projects may require a departure from, or an addition to, regular duties.
- Sets and achieves challenging goals.
- Demonstrates persistence and overcomes obstacles.
- Measures self against standards of excellence.
- Recognizes and acts on opportunities.
- Takes calculated risks to accomplish goals.
Analytical Skills
- Synthesizes complex or diverse information.
- Collects and researches data.
- Uses intuition and experience to complement data.
- Identifies data relationships and dependencies.
- Designs and documents workflows and procedures.
- Expresses ideas and thoughts verbally.
- Expresses ideas and thoughts in written form.
- Exhibits good listening and comprehension.
- Keeps others adequately informed.
- Selects and uses appropriate communication methods.
- Observes security (SOC) policies and procedures.
- Stays current with regulatory activities.
- Complies with legal and regulatory guidelines.
- Alerts management to questionable practices.
- Assesses own strengths and weaknesses.
- Seeks feedback to improve performance.
- Pursues training and development opportunities.
- Strives to continuously build knowledge and skills.
- Shares expertise with others.
- Actively participate in ongoing training
- Timely responses to requests for service and assistance.
- Follows instructions, responds to management direction.
- Takes responsibility for own actions.
- Commits to doing the best job possible.
- Meets agreed upon deadlines.
- Establishes effective relationships.
- Exhibits tact and consideration.
- Displays positive outlook and pleasant manner.
- Contributes to building team spirit.
- Gives and welcomes feedback.
Managing Multiple Priorities
- Displays original thinking and creativity.
- Meets challenges with resourcefulness.
- Generates suggestions for improving work.
- Manages multiple commitments.
- Responds to changing demands and priorities.
- Allocates and utilizes time efficiently.
- Identifies and communicates potential conflicts that impact commitments.
- Completes work according to identified priorities.
Planning and Organization
- Performs well under pressure.
- Demonstrates excellent judgement.
- Professionally and diplomatically handles unexpected situations.
- Maintains composure in stressful situations.
- Seeks help early to resolve complex issues.
- Demonstrates prudence and honesty in technical / security discussions.
- Prioritizes and plans work activities.
- Uses time efficiently.
- Integrates changes smoothly.
- Sets goals and objectives.
- Identifies problem implications and impacts in a timely manner.
- Gathers and analyzes information skillfully and in a forensically sound fashion.
- Develops alternative solutions when required.
- Works well in group or individual problem solving situations.
- Able to correlate legal, business, and technological issues simultaneously.
SKILLS AND QUALIFICATIONS
- Demonstrates accuracy and thoroughness.
- Displays commitment to excellence.
- Looks for ways to improve and promote quality.
- Applies feedback to improve performance.
- Monitors own work to ensure quality.
- A Bachelor of Science degree in Cyber Security, Information Systems, IT Management or STEM discipline and/or at least 7 years of equivalent work experience is required.
- Have an active CISSP, CISA, CISM, CCSP, CEH or other GIAC - DoD 8140 / 8570 IAT / IAM certification, or will accept certification if within 6 months of hire (Temp-to-Perm Engagement).
- Strong working knowledge of networking devices, including IDS/IPS systems, firewalls, packet capture tools, and file integrity monitoring tools.
- Able to independently originate and review security architectural documents (technical or process) and suggest improvements or remedial actions.
- In depth knowledge of networking protocols, system calls, TCP/IP stack, OSI model & PKI systems.
- Advanced level of knowledge of incident response, detection and prevention.
- Deep understanding of PCI and other security related compliance regulations
- Intermediate level of knowledge of NIST and other security standards.
- Intermediate working knowledge of either COBIT or ITIL.
- Ability to script or code in at least one language. (Python, BASH, C#, PowerShell are preferred)
- Cloud (AWS, GCP and/or Azure) Security experience required, including both IaaS and PaaS models.
- Deep understanding of Microsoft Windows operating systems, MS Active Directory, VMware, and Linux
- Understanding of Microsoft SQL and Oracle Databases
- Strong knowledge of at least four of the following:
  - Hacking and Incident Response
  - Network Forensics
  - Security Engineering
  - Networking Protocols
  - Security analysis / investigation
  - Scripting / coding language (Python, BASH, C#)
- Proven track record of exhibiting strong judgement and adherence to ethical standards.
- Strong problem solving skills, analytical abilities and ability to deliver high performance.
- Ability to work independently as well as with others.
- Ability to work productively with frequent interruptions.
- Ability to provide effective mentoring to increase the skill level of NOC personnel.
- Ability to work the required hours to ensure delivery of services and meet deadlines.
- On call rotation is a requirement of this position.
The physical demands described are those that must be met by an employee to successfully perform the essential functions of the job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
The person in this position must be able to:
- Frequently talk, hear and see.
- Frequently use hands to handle objects, tools or controls.
- Regularly stand, walk, sit and reach with hands and/or arms.
- Occasionally lift up to 50 pounds.
- Regularly be able to read and use a computer terminal screen.
- Distinguish colors.
- Able to work well and productively with frequent interruptions.
- Experience level: Experienced
- Minimum 7 years of experience
- Education: Bachelors (required)
- IT Security Administration
- Security Architecture
- Python (3 years of experience is preferred)
- PCI (3 years of experience is required)
- Firewalls (3 years of experience is required)
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.
Qualified applicants in San Francisco with criminal histories will be considered for employment in accordance with the San Francisco Fair Chance Ordinance.
We will consider for employment all qualified Applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance.