LEAD SECURITY ARCHITECT COVER LETTER TEMPLATE

• Serve as the principal technical advisor and subject matter expert for the Cyber Security Tools Architecture Support Function services
• Architect, design, develop, direct, and implement enterprise network cyber defense capabilities
• Prevent sophisticated cyber threats and vulnerabilities, or detect when prevention fails
• Architect security measures that utilize layered defense and zero-trust technologies and processes
• Implement security measures that protect the enterprise
• Maintain knowledge of the lifecycle of the network threats, attack vectors and methods of exploitation
• Maintain proficiency and specialized knowledge in computer network theory and understand IT standards and Cyber Security Tools architectures including the OSI model, and the methods of exploiting those standards
• Utilize, configure, and implement industry-standard cyber defense capabilities

Skills: Cyber Architecture, Threat Prevention, Zero Trust, Security Implementation, Threat Analysis, Tools Proficiency, Network Theory, Defense Configuration

• Serve as subject matter expert in product security architecture, security testing, secure design review and reporting
• Communicate security concepts to a variety of audiences including business and technical leaders as well as senior leadership
• Leads discussions, assessments, tracking and overall reporting of technology security risks
• Work with the design and development teams to ensure that application security risks are identified and remediated while maintaining a balance between security and productivity
• Ensure systems are designed in accordance with and are aligned with Endpoint information security policies and standards
• Execute advanced risk and threat analysis activities, leveraging learnings from external and internal cyber trends and incidents
• Creating a security architecture framework for all of the business units within the group
• Identifying security gaps, technical and processes and recommending changes or enhancements
• Helping develop the security framework, standards and requirements for the business
• Assist in the evaluation and selection of security technology and products as defined in the security technology roadmap
• Maintain awareness of current and emerging security risks and recommend mitigating solutions to business units

Skills: Security Architecture, Secure Design, Risk Assessment, Threat Analysis, Policy Alignment, Security Framework, Gap Identification, Tech Evaluation

• Help mature the EIRC organization and overall enterprise security posture
• Assessing control effectiveness against current and emerging threats
• Partnering with technology teams to ensure industry-standard and best-practice platform, network and endpoint security
• Support the overall EIRC mission, strategy, and delivery of objectives
• Build strong working relationships and work closely with technical 
• Enterprise architecture teams are to ensure that security is well integrated into the environment
• Interpret and apply understanding of policy, process, architecture, regulatory, audit and compliance implications to assist the development of technical solutions or controls
• Maintain a deep understanding and application of security concepts at a technical level

Skills: Security Maturity, Threat Assessment, Platform Security, Mission Support, Stakeholder Collaboration, Integrated Architecture, Compliance Interpretation, Technical Security Knowledge

• Responsible for SSDLC cybersecurity across multiple technology platforms within the business
• Engages with stakeholders across multiple program streams to ensure the right cybersecurity capability is selected and enabled
• Articulate methods and techniques of intrinsically building in cyber security or automating cyber security before production go-live
• Make decisions on behalf of the organization regarding SSDLC cybersecurity and will have the ability to clearly document decision-making in the form of requirements capture that leads to high-level design
• Collaborate with stakeholders of any level across the organization to understand their points of view and sell ideas, concepts and architecture knowledge for the benefit of the organization
• Push the intrinsic cybersecurity agenda and own the SSDLC security roadmap 
• Understanding current posture, deciphering where the organization needs to get to in the short, medium and long term, and how it will get there via architecture decision making and collaboration
• Responsible for horizon scanning for new technology and data security techniques

Skills: SSDLC Security, Cyber Capability, Secure Automation, Security Decisioning, Stakeholder Engagement, Security Roadmap, Architecture Planning, Horizon Scanning

• Gaining an understanding of the Current State and Target State Architecture
• Working to define a strategy for technical direction around security for CPP Investments' infrastructure, application, technology and data landscape
• Develop a hybrid cloud Security Architecture for fault-tolerant and scalable applications that adhere to expected standards and discipline from a security posture
• Provide Security architecture and design oversight for systems and projects
• Define solution level security architecture for the project
• Work with the CPP Investments Information Security team on reviews and conformance to CPP Investments' security standards
• Work directly with project development teams to enable successful project implementation, applying the recommended security tools, technologies and techniques
• Provide expertise to the project team engineers

Skills: Architecture Analysis, Security Strategy, Cloud Architecture, Design Oversight, Solution Security, Standards Compliance, Secure Implementation, Technical Expertise

• Experience in the Product Security / Cyber Security domain
• Highly motivated, methodological individual who can work well on their own and as part of a team
• In-depth understanding of relevant security trends and threats
• Comprehensive understanding of NIST, ISO 27k Frameworks
• Working on multiple classification security architectures
• Knowledge and demonstrable experience of cyber security activities within a defence, government, engineering or transferable domain
• Understanding of cryptography, key management and distribution, high-grade security devices and techniques
• Experience in presenting technical information and engaging with stakeholders
• Excellent interpersonal skills as well as both written and verbal communication and presentation skills
• Understanding of radio communication systems and concepts

Qualifications: BA in Security Studies with 5 years of Experience

• Experience in Software Engineering or Architecture and strong technical experience with building enterprise-scale security solutions
• Working experience in IDaaS and Web Application Management 
• Experience with security architecture including hands-on knowledge of SAML 2.0, OAuth, OpenID Connect, SSO, Multi-Factor Authentication, cloud security, etc.
• Knowledge of Cloud Computing platforms with experience in Azure
• Knowledge or hands-on experience with Ping Identity
• Demonstrated expertise in security, operational, and resiliency architecture principles
• Excellent verbal and written communication skills with focused attention to details
• Demonstrated professionalism and time/task management skills
• Strong Agile and DevOps experience
• Strong analytical skills with demonstrated ability to apply analysis to actionable insights
• Demonstrated influencing and negotiating skills
• Demonstrated business acumen, especially in the insurance and financial industries and systems

Qualifications: BS in Information Security with 8 years of Experience

• Experience in the technology industry including internet-facing security systems
• Deep expertise in security architecture of systems, sandbox implementations, mobile operating systems (Android/iOS), web applications, security protocols and algorithms
• Possess a strong background and experience as a successful Software engineer/Architect in building large-scale, highly available web and mobile applications
• Significant experience working on mission-critical internet-facing applications, focusing on the security aspects
• Passion for security and the ability to pick up and learn new technological advances very quickly
• Exhibits leadership in guiding team members, adapts to changes in technology and business domains
• Good knowledge of the latest trends in the market and is well respected within the team
• Experience with modern identity and access management platforms, including MFA for omni channels
• Good knowledge and experience in Spring Boot, API security, including OAuth2/OIDC, Tokens, mTLS, NIST Cybersecurity Framework, ISO 27001/2, etc.
• Solid understanding of Public Cloud (AWS) architecture and security

Qualifications: BA in Information Technology with 7 years of Experience

• Exceptional communication skills with diverse audiences (including non-technical audiences)
• Experience in API gateway/service mesh, Container (Kubernetes/Docker)
• Knowledge/Experience in Agile Development and Management tools, e.g., Jira, Nexus, Bamboo, Jenkins, Sonar, Selenium, Bitbucket
• IT Experience in enterprise-scale organizations in an architecture role
• Knowledge of multiple architecture disciplines, or an equivalent combination of education and work experience
• Experience in the following areas: Security Architecture and Design, Risk management and Traffic and packet analysis
• Must have AWS Security certification
• Strong team player with demonstrated ability to work in a fast-paced environment
• Ability to multitask and stay organised in a dynamic work environment

Qualifications: BS in Computer Engineering with 4 years of Experience

• Must have experience securely designing Azure Active Directory, Azure cloud services and on-premises Microsoft infrastructure
• Familiar with secure DevOps and introducing secure testing principles into Continuous Integration pipelines
• Knowledge of 3G, 4G and 5G infrastructure, including virtual PBX solutions
• Experience in the IT and information security field
• Broad experience as a lead Security Architect
• Experience with the technical side of IT Security and information security
• Working knowledge of Architecture methodologies such as ToGAF, SABSA, or equivalent
• Experience in gaining approval of security designs from Business, Architecture and Risk management approval boards
• Experience in the design and development of high-availability platforms
• Must have certifications in one or more of the major cloud platforms (Azure, AWS, GCP)

Qualifications: BA in Management Information Systems with 6 years of Experience