Aug 29, 2014
Our client located in St. Louis, MO is in need of a Cloud Enterprise Security Architects for a 3 month project with a very good chance of a long term extension. The focus of this position is to act as a primary technical principal and is responsible for delivery of Cloud security solutions at an enterprise level. The Cloud Security Architect will define Security Architecture for Private Cloud and support the development and implementation. The position will provide technical information security leadership and serve as a subject matter expert on Cloud security and associated compliance initiatives.
In addition, you will work with the customers’ management and architects to develop a new Cloud solution for products, solutions, employee document/solutions access, and customer access to data and support on mobile IOS and DRIOD platforms as well. The customer will want to migrate some of the existing internal focused architecture and solutions to the new Cloud based solution.
· Serve as enterprise level SME on Cloud Security Architecture to Corporate IT Security teams, Cross-functional IT Solutions
· Development teams, 3rd Party Partners, Security Vendors, and internal business stakeholders from Research and Development, Marketing, Customer Relationship Management, Legal, and Compliance.
· Develops and maintains Private and Hybrid Cloud security architectures.
· Serves as Subject Matter Expert on Cloud Security issues and questions.
· Engage with functional stakeholders (e.g. legal, compliance, engineering, enterprise security, etc.) to determine security needs to meet business objectives and regulatory requirements.
· Work with the current Enterprise security team to establish and maintain a risk-based security program for private cloud focused on appropriate detection, response, and prevention activities.
· Own planning, design of security reference architecture for emerging Private and Hybrid Cloud environments.
· Serve as a liaison to vendors and/or third-party providers as assigned.
· Provide technical guidance, knowledge transfer and mentorship to corporate IT security teams and IT application and architecture development teams in security architecture and cloud security architecture.
· Architect and lead cross-functional pilots and projects, assessing the viability of new solutions to reduce the impact and likelihood of security incidents.
· Develop application security policy and standards/best practices.
· Assess business process, technology and information architecture at logical, system and component levels to understand the risk posture, apply critical thinking, determine the security models and co-design the system.
· 10+ years as a Security Architect with direct customer involvement
· Expert knowledge of Cloud security architectures, strategies and standards to determine, design, document, and socialize security architecture requirements.
· Demonstrated AWS, Rackspace, or other Public/Hybrid/Private Cloud Experience.
· Deep understanding of common security protocols/standards/frameworks: SAML, XACML, Kerberos, RBAC, OpenID, OAuth, ACLs, LDAP/SSO integration, identity federation, Central Authentication Service (CAS), JAAS, and Java crypto API etc.
· Cloud Security Concepts (SaaS, PaaS, IaaS), Mobile Architecture, Network and Application Security and/or Data protection
· Practical working knowledge of operating environments including Windows, UNIX, and Linux.
· Knowledge of Java, .Net, Object Oriented design and methodology is required.
· Experience with PKI, SSL and digital certificates
· Expert knowledge of network security methodologies as a whole, including but not limited to:
o ACLs, Stateful firewalls, VPNs (tunneling, IPsec, PPTP, etc.).
· Bachelor’s degree in a technical field OR equivalent experience.
· Active industry certification(s) required (such as CISSP, CCSK, CISA, CISM, CEH, SANS, GSEC, GCIH, CCNP, VCP, CCIE etc).
· Outstanding customer communication and presentation skills
o Must be of presenting to sr. customer management as well as technical personnel
Nice to Have:
· Cloud Security Alliance best practices and guidelines
· Experience with Cloud Computing and/or Hosting infrastructures.
· Hands-on experience with virtualization, operating systems and networking gear.
· Specific experiences in architecture, engineering, deployment and operational management of a robust application security environment.