Lead Security Architect Job Description
Lead Security Architect Duties & Responsibilities
To write an effective lead security architect job description, begin by listing detailed duties, responsibilities and expectations. We have included lead security architect job description templates that you can modify and use.
Sample responsibilities for this position include:
Lead Security Architect Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Lead Security Architect
List any licenses or certifications required by the position: CISSP, SANS, CCNA, TCP/IP, PKI, CSSLP, GBE, CEH, CISM, GIAC
Education for Lead Security Architect
Typically a job would require a certain level of education.
Employers hiring for the lead security architect job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Engineering, Technical, Information Technology, Business, Information Security, Education, Information Systems, Computer Engineering, Management
Skills for Lead Security Architect
Desired skills for lead security architect include:
Desired experience for lead security architect includes:
Lead Security Architect Examples
Lead Security Architect Job Description
- Partner with Engineering & Product Data Management partners to standardize on endorsed data storage and message distribution technologies and data models
- Own security throughout Product Lifecycle Management, assessing risks, identify how to fully support updated hosted technologies
- Lead SAP/GRC security design, blueprint and implementation for SAP/GRC 10.x suite of applications including Emergency Access Management, Access Risk Analysis, Access Request Management and Business Role Management
- Solid working knowledge in developing ruleset for the organization
- Solid working knowledge of SAP Business Suite on HANA
- Identify security design gaps and offer solutions/resolutions
- Implementing the elements of HR Triggers, Active Directory and SSO
- Serves as SAP/GRC and Security subject matter expert and provide advisory and consulting services as needed
- Apply knowledge of SAP security in the modules of ECC, BI, EWM, CRM, SRM, PLM
- Apply knowledge in SAP Security role analysis, redesign and remediation
- Minimum of ten (10) years' experience as an Information Technology Technical Lead in projects supported by project references
- Minimum of five (5) years' experience designing and implementing high-availability server rooms as supported by project references
- Minimum of three (3) years' experience designing and implementing local area networks demonstrating a strong network bias with general knowledge of the applications
- Minimum of three (3) years' experience as a technical manager responsible for the planning
- Firewalls/IPS
- Experience supporting SOCs in industry or government
Lead Security Architect Job Description
- Responsible for coordination and documentation of testing phases
- Create all necessary documentations for SAP/GRC and Security projects
- Working knowledge of IT-related laws and compliance mandates
- Proficient in researching information security solutions and best practices
- Proficient in researching control solutions and best practices
- Working knowledge of project management principles, and ability to coordinate delivery of high quality solutions on time and within budget
- Ability to work closely and efficiently with internal and external auditors and legal department
- Excellent interpersonal skills with the ability to work on cross-functional project teams and foster team commitment to tasks collaborate with the Business
- Partner with the security group to plan and drive the implementation of the technology and its capabilities
- Recommends updates and changes to the Secure Software Development Policy, Design for Security requirements, and related organization-wide product security governance documents
- At least 5 years in working with information security governance, compliance, or auditing
- Master’s degree, or demonstrated experience and delivery, in information security, data management/modelling or computer science
- 7-10+ years of progressive applied technology experience in enterprise architecture functions, ideally focused on information security or data management, modelling & quality
- Demonstrable ability to structure and execute programs with clearly defined long term goals, interim steps, required stakeholders and justifications
- Demonstrated ability to communicate complex transformation plans to varying organizational levels, including C-level staff, and delivery technologists
- Active professional security certifications (e.g., CISSP or other similar industry qualification), open source project, security research (e.g CAPEC, CVE, CEF, etc) or design framework/patterns contribution, or other continuous learning examples in the threat & security spheres
Lead Security Architect Job Description
- Consultation in product architecture related to security strategies for ensuring a competitive and commercially acceptable level of product cyber security assurance
- Participate in program increment / sprint reviews to keep up to date on products in development and how they may relate to or impact organizational risk and overall security
- Serve intermittently as a member of the Product Security Incident Response Team (PSIRT)
- Attend industry training, conferences and roundtable forums (example OWASP AppSec, RSA, Black Hat) to stay up to date on latest technologies, evolving threats and build relationships in the industry to help the organization become a recognized leader in cyber security knowledge
- Oversees the end-to-end architecture and design of connected network systems while ensuring product cyber-security best practices and requirements are maintained
- Owns and drives the development of cyber security requirements across multiple products and platforms ensuring common designs, functionality, and integration with existing and future systems
- Serve as the lead security architect on high risk products and programs providing overall security architectural leadership while indirectly managing and mentoring security champions
- Represent Global Product Security and the overall product cybersecurity program on technical system architectural boards, committees, and review organizations
- Provides direct support to security-related work packages while in development by the architecture and platform teams
- Application Risk Classification
- Expertise in one solution portfolio area (networking, passenger, self-service)
- Candidate must exhibit innovative & analytical thinking, ability to stay in front of cutting edge technologies in areas such as network and communication interfaces, device and equipment integration to full customer systems, and system development technique and tools
- Prior application security program experience a plus
- Requires strong interpersonal, organizational, written and verbal communication skills, ability to influence and guide senior leaders in the business channels, product management and product engineering when required
- Work with third parties to challenge our secure design principles, for example through independent reviews, penetration testing, vulnerability assessment
- Minimum 2 years of experience specifically in design and architecture of secure systems
Lead Security Architect Job Description
- Secure Application Design
- Opensource Governance
- Validate Threat Modeling
- Container Security Management
- OpenSource Management
- You shall lead and mentor the security architects and ensure that the wider design community understand the security principles we adopt and how they are expected to be followed
- You shall be accountable for the development and maintenance of the Security Architecture and supporting risk assessments such that any changes or initiatives can be assessed against the baseline
- To analyse changes in the threats and/or business requirements that may impact the effectiveness of the security controls within the Smart DCC system
- Represents Security Platform in development and implementation of the overall enterprise cloud architecture
- Design and Implement end to end cloud security, from infrastructure to network to application to regulations and beyond
- Responsible for maintaining and supporting IT Security in the areas of audit, IT change management control, management of protected health information, segregation of duties and provisioning & de-provisioning of users
- Work independently to determine appropriate methods and procedures for maturing data security
- Oversee security awareness programs and educational efforts to keep organization abreast of latest in Information and Cyber security
- Experience in enterprise cloud security architecture design and implementation
- Knowledge and experiences with data protection concepts such as encryption, obfuscation, entitlement, access controls, user management, user and application authentication and authorization, security monitoring, and others
- Experience architecting solutions within MS Azure (Preferred) or Amazon Web Services (AWS) cloud
Lead Security Architect Job Description
- Understand detail-level stakeholder (customer, engineering, ) requirements in order to translate them into technical security specifications
- Perform security architecture duties such as security design review on large, complex solutions (application and infrastructure)
- Lead Security Architect will be tasked to plan, analyze, design, configure, test, implement, maintain and support the Client’s computer and network security infrastructure
- Serves as a Cyber Security advisor to the client
- Communicates and supports key security initiatives within delivery
- Proactively monitors industry threat landscape and advises client entities to adjust security operations and practice
- Prioritize support requests to ensure optimum allocation of resources
- Ensure successful delivery of security assignments
- Serve as the focal point to executives for any escalations relating to Cyber Security
- Architect and design information security solutions to meet business objectives and align to the adopted enterprise security framework to ensure appropriate and effective security controls are built in from the start
- Experience in data security aspects in various settings- , Virtualization and Cloud Security, collaboration tools, identity management
- CISSP-CSSLP Certification preferred
- SANS GWAPT/GWEB certification is a plus
- Experience working with SAP and web applications preferred
- 5 or more years of security design and architecture is preferred
- Demonstrated ability to identify application security requirements and validate implementation of specified requirements into a robust architecture that sufficiently protects valuable digital resources is preferred