Security Architect
As a Security Architect (Lead Security Engineer) at OpenX you will be a key member of the Security Engineering team, who will provide expertise in designing, engineering, building, and deploying security solutions in support of enterprise-level initiatives. Security Engineers work hands-on with our software engineers and operations teams to proactively identify and address security risks. Using your industry experience, you will also work to secure our solutions, monitor our enterprise environment for intrusions, resolve incidents and develop best security practices.
The ideal candidate will share our passion for engineering solutions to complex security problems, while minimizing employee friction and maximizing productivity.Key Responsibilities
- Matures and continuously improves the OpenX information security program
- Recommends, develops, and implements information security policies, standards, and procedures
- Works with IT and business teams to ensure continuous integration of security and compliance throughout the company
- Provides information security consultation and support services for the company's business and technology organizations
- Leads and contributes to the planning, design, and engineering of security solutions across the company
- Automates security controls to improve their effectiveness and efficiency
- Supports product development by integrating security and compliance into SDLC
- Works with the development team on addressing code vulnerabilities
- Provides guidance to IT and business teams on security and compliance related challenges
- Responsible for managing security incident monitoring and response process in a global environment
- Implements and supports vulnerability assessment tools
- Works with other teams on prioritizing and addressing vulnerabilities
- Responsible for configuration and management of security tools
- Performs periodic configuration reviews of network devices and systems
- Develops and tests security procedures
- Keeps up to date on information security threats and countermeasures
- Performs security risk assessments to identify and implement security solutions and controls that are appropriate to the risk profile of OpenX
- Develops, maintains, and presents information security matrix
- Responsible for the development and management of the corporate security awareness program
- Responds to client security questionnaires and audits and interface with clients
- Participates in the RFP and contracting processes
- Candidate must be a U.S. citizen or permanent resident
- 8+ years of experience in information security, risk management, or compliance
- Bachelor's degree in Computer Science or Equivalent
- One or more of the following certifications: CISSP, CISM, CISA, CEH, CIPP, HCISSP, CRISC, CGEIT, PCIP required
- Knowledge of security frameworks, standards, policies and practices – including NIST, ISO 27001, CIS CSC
- Strong hands-on experience with security solutions and technologies
- Experience with providing secure solutions at various levels of the technology stack including network, systems, data and physical layers
- Strong knowledge of common attacks, attack methods, and defense strategies
- Past security experience with providing security solutions for global SaaS solutions
- Experience supporting SOC audits including implementing and managing related controls
- Experience providing oversight and facilitation for internal and external audits