Enterprise Security Architect

Job Summary

The Enterprise Security Architect is responsible for contributing subject matter expertise in designing and supporting the security direction across Optimum’s enterprise platforms. This role emphasizes practical technical involvement, assisting in the implementation, configuration, and automation of security controls to help meet compliance and risk management goals. 
You will report to the Director of Enterprise Security Architecture and work with other security architects, security engineers, network engineers, and application architects to deploy secure, scalable, and resilient solutions. Proficiency in cloud platforms (GCP, AWS, Azure) and knowledge of modern security practices are required.

Responsibilities

• Assist in providing technical guidance and support to other Security Architects and Engineers.
• Contribute to the design, implementation, and maintenance of enterprise security infrastructure aligned with architectural guidelines.
• Offer expertise in technologies, best practices, and industry trends to help ensure Optimum remains innovative.
• Contribute to the design, implementation, documentation, and maintenance of security infrastructure to support application development in accordance with defined architecture guidelines within the enterprise environment.
• Help teams maintain and follow Security Architecture Best Practices, established standards, and provide solutions/proof of concepts.
• Create, document, and promote security reference architecture consumable by engineering and development teams.
• Provide technical expertise to support the adoption of Secure by Design principles, ensuring security is incorporated into solutions early in their design rather than as an afterthought.
• Assist in conducting platform, tool, and process assessments to evaluate existing security controls, identify potential weaknesses, and support recommendations and process improvements.
• Support the evaluation of security threats and risks to help define and implement suitable architectural security models.
• Assist with technical research on the security implications of new technologies.
• Participate in efforts and support business teams by assisting in planning and designing architectural solutions in alignment with security strategies and cross-functional technology teams throughout the organization.
• Contribute to ensuring that the platform's security risk controls, mitigations, and approach align with security standards, IT, and business goals.
• Implement proper security architecture and governance practices for emerging technologies, including AI/ML, GenAI, and other innovations.
• Provide guidance on software development architecture, including activities such as threat modeling for secure solution design, particularly for Web Services design, and reference architecture addressing OWASP Top Ten resilience.
• Share insights and assist in operationalizing DevSecOps methodologies and practices, including security logging, monitoring, and alerts as essential components.
• Support the implementation of security policy, compliance requirements, and best practices across the project portfolio.
• Assist in providing enterprise security and architectural guidance to ensure that the infrastructure supporting customer-facing products meets legal, regulatory, and industry security standards.
• Contribute to long-term roadmap planning and architectural vision for Enterprise Security
• Collaborate with external vendors to ensure their security practices align with the organization's security architecture standards.

Qualifications

• Bachelor’s degree in Computer Science or related field preferred. 
• Enterprise Security / Enterprise Architecture Certifications (CISSP, CCSP, TOGAF 9, GCP Professional Cloud Architect, Azure Solutions Architect, etc.) preferred.
• Prefer eight or more years of experience in Information Technology.
• Prefer five or more years of direct IT Security experience in one or more of the ten security domains.
• Excellent analytical and problem-solving skills, with the ability to assess complex issues and develop effective solutions.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with stakeholders across various teams and levels of the organization.
• Broad technical experience in several security disciplines, including endpoint and platform (Unix/Linux/Windows, mobile) controls, encryption/tokenization, identity and access management, PKI, data protection, and security tooling integration in moderately complex environments.
• Expertise across multiple security disciplines, including Data Protection, Compliance Validation, Vulnerability Management, Network Security, Infrastructure Security (Active Directory, Group Policy, Endpoint Management), CI/CD Security, Identity and Access Management, Logging and Monitoring, Incident Response, Data and Analytics, and Resiliency.
• Experience with Infrastructure as Code deployments and familiarity with the security review process.
• Ability to effectively communicate technical concepts to diverse audiences.
• Experience with Security Services in Azure or AWS, such as IAM, KMS, VPC, Security Groups, AWS Inspector, or Guard Duty.
• Familiarity with developing security reference architectures for information systems based on industry frameworks.