Principal Security Architect
Description:
Principal Security Architect
This position will sit in Columbus, Ohio and have a Hybrid work environment of 3 days in office 2 remote.
About FlightSafety International
FlightSafety International is the world’s premier professional aviation training company and supplier of flight simulators, visual systems and displays to commercial, government and military organizations. The company provides training for pilots, technicians and other aviation professionals from 167 countries and independent territories. FlightSafety operates the world’s largest fleet of advanced full-flight simulators and award-winning maintenance training at Learning Centers and training locations in the United States, Canada, France and the United Kingdom.
Purpose of Position
The Principal Security Architect is responsible for the design, building, testing, and implementation of security systems within our IT network for both on premise and cloud environments. The principal security architect's responsibilities include reviewing our current security measures, recommending enhancements, identifying areas of weakness, engage on most projects and provide expert security architecture guidance and respond promptly to possible security incidents. The Principal Security Architect will continually monitor our security posture and determine areas of needed security enhancements. A qualified principal security architect must be experienced in all aspects of information security controls and IT infrastructure architecture principles. Must also possess strong interpersonal and communication skills and be able to lead and work with a wide variety of people.
Tasks and Responsibilities
Establish a thorough understanding of the organization's technology and IT systems.
Plan, research, and design security architectures
Develop, review, and approve the installation requirements for LANs, WANs, VPNs, routers, firewalls, and related network devices
Design and validate cloud architecture and controls
Develop project timelines for system upgrades and preparing cost estimates
Test the final security system and update and upgrade it as needed
Establish disaster recovery procedures and conduct security breach drills
Respond quickly and effectively to all security incidents and provide post-event analyses
Monitor and guide the security team, cultivating a sense of security awareness, and arranging for continuous education
Remain up to date with the latest security systems, standards, authentication protocols, and products
Establish overall secure systems & applications architecture and designs based on industry control frameworks, standards and security best practices
Provide security subject matter expertise on new initiatives to ensure positive security outcomes are delivered, including the early definition of security controls required, definition and implementation of clear secure development design principles
Evaluate system changes across the organization to assess and document the security risk and impact
Work with system engineers to understand and implement continuous improvement processes, automation, system upgrades and rollouts
Continually evaluate systems’ security capabilities, risks, and exposure to security threats, documenting risks and offer remediation advice to enhance or apply mitigating controls
Identify opportunities to standardize and simplify security technology stack by leveraging native cloud capabilities where possible
Collaborate with the Security Operations team in the assessment of new technologies and products for IT and business solutions
Participate in the scheduling, testing, and implementing of enhancements or new releases with the security stack
Partner with teams across IT on active or emerging threats
Stay informed and tuned to security industry trends, emerging threats, vulnerabilities, & emerging technologies
Provide leadership on highly complex projects
Capable of making independent decisions or representing leadership at times.
Develop, coach, motivate, energize and inspire fellow Flight Safety team members
Build organizational talent by creating a learning environment that ensures employees realize their highest potential
Support the budgeting, reporting, forecasting and cost models for security architecture service offerings
Support the Director – Security Architecture in developing the budget projections based on short- and long- term goals and objectives
Minimum Education
Bachelor’s Degree or equivalent education in Computer Science, Information Systems, information Security or other Information Technology-related field.
CISSP or CCSP certification
Additional certifications (CISA, CISM)
Minimum Experience
10 years related experience in technical security architecture and engineering function, including hands-on experience in:
Secure Systems architecture & design
Secure application development practices, DevOps, & SDLC
GDPR, CCPA, NIST 800-53, NIST 800-171, NIST CSF, OWASP, & PCI DSS Controls
Secure cloud architecture deployments, Azure & AWS
Agile, waterfall, & hybrid project methodology
Demonstrable experience in architecture and engineering principles (e.g. SABSA, TOGAF)
Demonstrated experience in implementing and managing at least 9 of the following security defenses:
Web filtering technology
Network intrusion defense systems
Intrusion prevention systems
Endpoint monitoring
Data loss prevention
Penetration testing
Firewalls
WAF
Vulnerability scanning tools
Security Information and Event Management
Network tabs, traffic aggregators and filters
Forensic investigations and relevant tools
Policies, standards, procedures and other forms of documentation
Identity management tools, AD, LDAP, web front end and virtualization
Application code vulnerability scanning (dynamic & static) and application security
Cloud architecture, security controls, secure configuration, and deployment
User security training and awareness
Expert-level knowledge of security principles and technologies
Experience with security automation and orchestration
Experience with CI/CD pipelines and secure DevOps
A sound understanding of emerging threats and industry trends
Knowledge, Skills, Abilities
Provide technical security architecture guidance and oversight to ensure increased security architecture maturity
Articulate issues, risks, and proposed solutions to various levels of staff and management
Contribute to the development of the security strategy, policy and service delivery objectives and best- practices for the design and delivery of security architecture services
Develop processes, standards, guidelines and policies for the implementation and maintenance of security architecture principles within projects
Manage multiple enterprise-wide programs simultaneously
Proficient knowledge of the organization’s mission, values and strategic goals to their work
Expected to present information in writing, email, PowerPoint and other forms of documentation.
Expected to work with employees from all areas of IT and maintain a good working relationship with them.
Proficient with interacting with multiple levels and roles within the organization and shall have the ability to apply different strategies to convince others to change their opinions or plans.
Regularly report to the Director Security architecture and CISO office using KPIs and other metrics to clearly reflect accomplishments and progress over time
Demonstrate process-oriented approach with high attention to detail
Excellent critical-thinking and organizational skills
Proficient interpersonal skills with the ability to interact professionally with all levels within the organization
Ability to work successfully with a diverse set of individuals and constituencies, and to be adept at advocating for, recommending and building consensus around suggested improvements
Ability to work creatively and analytically with others in a problem-solving environment
Ability to think both strategically and tactically in a high energy, fast paced environment
Ability to exercise sound judgement, problem solve, and make decisions in complex situations
Ability to communicate verbally and in writing within all areas and at all levels of the organization
Physical Demands and Work Environment
The physical demands and work environment described here are representative of those that must be met and/or encountered by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
FlightSafety is an Equal Opportunity Employer/Vet/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or disability.