Principal Cloud Security Architect ($197,400.00 - $235,100.00)

The Principal Cloud Security Architect is responsible for developing and leading the secure cloud computing strategy for Irvine Company. This includes working with Infrastructure and Development groups to understand their Cloud Platform adoption plans, hosted application designs, and cloud management and monitoring methods. The principal cloud security architect will define architecture patterns and standards based on industry best practices and insights regarding application architecture and deployment in cloud environments.

The Principal Cloud Security Architect will work collaboratively with domain architects and lead security engineers to build security controls and solutions compliant with approved architecture frameworks and standards

.
This role also applies their cloud security, network architecture, hardening, and logging enforcement skills to lead all technical operation teams with containment and remediation workstreams related to security incident

s.
Job Duti

• es:Leads the overall cloud security architecture strategy and technical framework including standards/guidelines/procedures/requirements for infrastructure and software developme
• nt.Enable the business through technical leadership to influence peers across Innovation Technology and Business Leadership to design and implement cybersecurity technology, and assist application and infrastructure teams secure implementation of technolo
• gy.Lead security assessments, identify gaps in existing security architecture, and recommend changes or improveme
• nt.Lead assessment of appropriate vendor relationships related to information security tools, technology and cloud services; manage proof-of-concepts that enable the business while reducing risk; maintain currency with emerging technology; maintain security roadmap. Develop and maintain enterprise security requirements and controls that drive the selection of security tools as well as assist Business Units and IT in selecting solutions to meet their nee
• ds.Create solutions that align enterprise security architecture frameworks and standards (e.g. SABSA, NIST 800-53, ISO 27002) with overall business and security strate
• gy.Participate as the primary security subject matter expert in the Information Technology Architecture Committee (ITAC) by reviewing risks of new technology, ensuring secure integration of technology and driving a secure architecture roadm
• ap.Maintain a leadership role in the Architecture Review Committee through extensive experience in security technology and cloud architecture to drive a balanced approach to Irvine Company’s overall technical architecture. This responsibility also requires mentorship of domain architects to mature their techniques and to think beyond their specific area of responsibili
• ty.Establish and manage the threat management/intelligence program (including threat modeling, assessment, hunting) to support the Security Operations Center (SOC) and integrate with the risk management functio
• ns.Assist Security Operations to assess and investigate security incidents, and work with application and operations teams throughout the investigation cycle to ensure remediation, eradication and lessons learned are rolled back into daily operatio
• ns.Build and maintain the Secure Software Development Lifecycle (SSDLC) including the development of secure coding standards, testing services, testing infrastructure, and compliance process
• es.Manage the development and maintenance of the data protection program including discovery, data-flow/mapping and Data Loss Prevention (DL
• P).Help identify new exploits, threats, and mitigations for detection engineering and define and maintain domain and enterprise level threat modeli

ng.Mentor junior cybersecurity staff in cybersecurity technology, architectural methods and technical process developme

nt.
Minimum Qualifications / Other Expectati

ons:Education & Experien

• ce: Bachelor's degree in computer science, engineering or related fi
• eld.15 years in information risk management and information security technology, including 5 years in security architecture and 5 years in a cloud environm
• ent.Strong written and verbal communications skills with the ability to create and present technical recommendations to executive management as well as influence and persuade peers and oth
• ers.Demonstrate a deep understanding of cloud concepts and architectures with a focus for how security controls are applied to cloud-based technologies. Example cloud concepts include, but are not limited
• to:Architecture & Networ
• kingIdentity & Access Manage
• mentSecuring the CI/CD Pipe
• lineSecrets and Data Protec
• tionLogging, Detection, and Resp
• onseSecurity Controls for Containers (e.g., Docker, Kuberne
• tes)Experience managing cloud proje
• cts.Deep understanding and implementation of industry-leading practices for cloud security risks using frameworks and standards such as CIS Benchmarks, Cloud Security Alliance, NIST SP 800-144, 800-145, 800-291, and 800-
• 322.Experience advising business and technical leadership on cloud architecture and design concepts based on compliance and regulatory standards (e.g., PII, PCI-DSS, PHI, GDPR, HIP
• AA).Demonstrated experience in designing security architectures to mitigate threats including Zero Trust, cloud environments, applications, network infrastructure and data integration/managem
• ent.Experience in identifying gaps in existing architectu
• res.Demonstrated experience in architecting and implementing large complex security solutions and programs (i.e. SOC, Identity Management, SSDLC, D
• LP).Experience in architecting security for cloud environments (IaaS, PaaS, SaaS) as well as leveraging cloud based security soluti
• ons.Hands on experience with leading strategic security technology solutions to enable business flexibility including SD-WAN, Wireless networks and
• IoT.Experience managing multiple projects of diverse scope and effectively collaborating in a cross-functional team environm
• ent.Demonstrated knowledge on how business enabling technology (e.g. IoT, A.I.) increases the threat landscape, while understanding how to apply technology and process to mitigate cyber r
• isk.Knowledge of risk management processes and experience in conducting risk assessme
• nts.Demonstrated ability to develop and implement the overall cybersecurity architecture in alignment with the risk posture of the organizat
• ion.Ability to automate common tasks in programming/scripting language and strong knowledge of application programming interface (API) interaction meth
• ods.Experience being a part of a highly technical team, including Incident Response, Security Engineering, or Forensics te
• ams.Experience as an engineer in incident response efforts. This should include hands on experience completing tasks such as malware detection and analysis, memory analysis, and disk forens

ics.Certificati

• ons:IT security certifications (CISSP, CISM, GIAC, CEH, GCIH, GCFE, GXPN, CISSP-ISSAP, SABSA or similar) prefer

red.Compensat

ion:Base Pay Range: $197,400.00 - $235,10

0.00
Actual placement within this range may vary based upon, but not limited to, relevant experience, time in role, base salary of internal peers, prior performance, business sector, and geographic loca

tion.
The Company also offers competitive benefits for full time employees including paid time off, matching 401(k), and health ben

efits.
Ab

out Us:Irvine Company is a privately held real estate investment company and master-planner committed to creating and sustaining communities that thrive for gener

ations.
Irvine Company is respected for its master planning and environmental stewardship of the Irvine Ranch in Orange County, including diversified operations throughout coastal California. Irvine Company brings to life neighborhoods and sustainable communities with a full range of housing, jobs, retail centers, schools, parks and ope

n space.
We take as much pride in our employee community as we do the communities we create. It’s an environment populated with talented and experienced people, a collaborative spirit and abundant oppor

tunities.
Apply today to join our employee community, and learn more about Irvine Company, our legacy and our guiding p

rinciples.
Irvine Company is committed to providing equal opportunity in all of our employment practices, including selection, hiring, promotion, transfer, compensation, termination, and training, without regard to race, religion, color, sex, sexual orientation, gender, gender identity, national origin, ancestry, citizenship status, marital status, pregnancy, age, medical condition, genetic information, military and veteran status, disability, or any other basis protected by federal, state, and local law. Reasonable accommodation is available for qualified individuals with disabilities, up