Information Security Architect

Title: Information Security Architect (Solutions Architect)

Location: Century City, CA (Hybrid role with 3 days onsite and 2 days remote)

Type: 06 plus months contract with extension (long term contract with extensions)

Job Description:

Responsibilities:

• Lead the solutions architecture function to ensure security is integrated early in the development lifecycle for in-house or SaaS based solutions, infrastructure projects and technology processes.
• Partner with business and technology teams to identify and document workflows, system architecture, data flows and determine appropriate security considerations.
• Leverage Threat Modeling techniques to identify security threats, vulnerabilities, and attack vectors across the solution (infrastructure, application, data).
• Ensure the security considerations identified are implemented and the solutions are configured securely.
• Key focus on security integrations includes secure access and authorizations, audit logging, secrets management, data protection, data security and other functional third-party integrations.
• Support the SaaS/Third Party security assessments and collaborate with service owners, business leads and vendors to develop a managed solution aligned with CAA security policies.
• Identify risks and provide mitigating controls or risk treatment options for a given solution.
• Develop training for technology team members to increase awareness on security practices for onboarding new technology solutions.

Required:

• Minimum 8 years of Information Security experience with a Bachelor's Degree.
• Minimum 3 years experience in a Security Architect function.
• Create and review system architecture diagrams in Lucidchart or equivalent tool.
• Experience in SaaS and Cloud architectures – Azure, AWS, M365, and exposure to SAP 4/HANA, Workday, Salesforce, and other SaaS solutions. Cloud architecture certifications preferred.
• Experience with Cybersecurity frameworks – NIST CSF, CSA Cloud Controls.
• Cybersecurity certifications CISM, CISSP or equivalent work background preferred.
• Familiarity with operational tools such as JIRA, ServiceNow, OneTrust.
• Experience with contractual and regulatory standards such as GDPR, CCPA, Client, TISAX, SOX.
• Experience with third party security assessments and standards – SOC, ISO27001, SIG.
• Ability to communicate complex messages in a clear and concise manner with stakeholders at all levels.
• Excellent organizational skills and ability to communicate with internal/external entities and executives.
• Effective leadership skills with demonstrated ability to coordinate people and teams to project/activity completion.