If you have interest in this position please send resume in word with contact number.
Salary: OPEN DOE, stock options, relocation assistance and great perks/benefits.
Location: San Carlos, CA
No sponsorships.
 

Job Description

Information Security Architect
As an Information Security Architect you will bring security controls into our cloud infrastructure. Reporting to the Head of information Security, you will set up security incident and event management. You’ll play a key role in ensuring security controls through design and architecture in our infrastructure, creating protocols for how we restrict access and data to specific users, and identifying and rectifying cases in which our infrastructure and data processing applications/databases isn’t secure or secure enough. You will also be a thought leader and represent Company at security conferences and events. As one of the first members of this team, you will also have an opportunity for growth into management.
 
Here is more about what you’ll be doing:

• Managing security compliance in all infrastructure-related projects including mapping Technology compliance into our infrastructure
• Partnering with engineering and dev-ops to provide security guidance in managing secure networking, securing IT assets and defining requirements for our Devops Team
• Building out Company's future through infrastructure by creating AWS-based security controls from scratch using a variety of AWS tools
• Set up a regular vulnerability scanning tools and manage remediation of identified issues
• Conducting infrastructure security audits, penetration tests, and periodic access reviews to applications and infrastructure
• Owning security controls relating to application access and data encryption
• Leading vulnerability management and incident management procedures
• Keeping abreast on all compliance/regulatory news and information in fintech to ensure Company is at the forefront of changes in the industry
• Actively participating in open source forums (e.g OWASP) and cloud infrastructure conferences

Requirements:

• 5+ years of experience in information security, preferably with experience in enabling security incident and event management
• 3+ years of experience in a leadership role
• Certification in IT or cybersecurity (e.g. CISSP or CISM) will strengthen consideration
• Experience working in high-security/high-compliance environments, Maintain compliance requirements with international standards such as (SOX, SOC2 and ISO27001)
• Experience setting up and working with AWS Inspector, Kinesis - Lambda based security response, Macie, Gaurd Duty, Config and Config rules
• Experience setting up and working in security operations
• Ability to define high-level strategy for security/compliance monitoring and risk mitigation
• Strong written and verbal communication skills

Job Type: Full-time

Application Questions

You have requested that Indeed ask candidates the following questions:

• How many years of define high-level strategy for security/compliance experience do you have?
• How many years of information security experience do you have?
• How many years of leadership experience do you have?
• How many years of setting up and working with AWS Inspector, Kinesis experience do you have?
• How many years of working in high-security/high-compliance environments experience do you have?
• Do you have the following license or certification: CISSP or CISM?