Security Architect

Job Description:

The Security Architect plays an integral role in defining, managing, and assessing the organization’s security strategy, architecture and practices. This is a hands-on role with the Security Architect expected to manage corporate security tools on a day to day basis. The Security Architect will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.

Responsibilities

The Security Architect has the following responsibilities:

Planning and Design

• Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers

• Determine baseline security configuration standards for operating systems (e.g., operating system hardening), network segmentation, and identity and access management (IAM)

• Draft security procedures and standards to be reviewed and approved by executive management

• Establish procedures, including escalations, for when indicators of compromise (IOCs) are discovered

Assurance

• Maintain awareness of industry security trends

• Validate security configurations and access to security infrastructure tools, including firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), anti-malware/endpoint protection systems, etc.

• Validate that security and other critical patches to firmware and operating systems are configured and deployed in a timely fashion

• Ensure that a complete, accurate and valid inventory of all systems, infrastructure and applications is conducted that should be logged by the security information and event management (SIEM) or log management tool

• Support the testing and validation of internal security controls

• Review and assess security and infrastructure logs for indicators of compromise or other anomalous behavior within networks, applications or user profiles

• Conduct security assessments of internal systems, applications and IT infrastructure

• Conduct vulnerability assessments and other security reviews of systems, and prioritize remediation based on the risk profile of the asset and guidance from the CISO or other executive management

Collaboration

• Evaluate third party partner security operations

• Liaison with the internal audit team to review and evaluate the design and operational effectiveness of security-related controls

• Participate in application and infrastructure projects to provide security planning advice

• Participate in semi-annual BC/DR tests

• Conduct incident response exercises with colleagues throughout the organization and incorporates lessons-learned into existing security architectures and practices

• Conduct forensic analysis of security-related incidents in a manner consistent with guidance from the organization’s counsel, human resources or law enforcement, as needed

• Lead penetration testing and other critical team exercises as directed by the CISO or IA team

Qualifications

Education

Bachelor’s degree in computer science, information systems, cybersecurity or a related field. Master’s degree preferred.

Security and Technical Experience

• 5+ years direct, hands-on experience managing security infrastructure such as firewalls, IPSs, WAFs, endpoint protection, SIEM and log management technology

• Direct, hands-on experience using vulnerability management tools

• Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services

• Full-stack knowledge of IT infrastructure: Applications, Databases, Operating Systems, Networking, etc.

• Direct experience designing IAM technologies and services (e.g., Active Director, LDAP, Amazon Web Services’ (AWS’) IAM)

• Strong working knowledge of IT service management (e.g., ITIL-related disciplines): Change, Incident, and Problem Management

• Experience designing the deployment of applications and infrastructure into public cloud services (e.g., AWS or Microsoft Azure)

Industry and Regulatory Experience

The Security Architect is expected to be familiar with the following regulations, standards, and frameworks: PCI, HIPPA, Sarbanes-Oxley, GDPR, NIST CSF

Required Certifications

The Security Architect will evidence their knowledge of security and risk management through ongoing continuing professional education. The ideal candidate will maintain one or more of the following certifications: ISC2’s CISSP, ISACA’s CISM, ISACA’s CISA, or other relevant security certification

Additional Qualifications

• Can interface with, and gain the respect of, stakeholders at all levels and roles in the company

• Is a confident, energetic self-starter, with strong interpersonal skills

• Self-Motivated, has good judgment, a sense of urgency and has demonstrated commitment to high standards of ethics, regulatory compliance, customer service and business integrity

• Strong problem-solving and trouble-shooting skills

For the health and safety of our employees and their loved ones, proof of COVID-19 vaccination is required as a condition of employment. The Company is an equal opportunity employer and will provide reasonable accommodation as required by applicable law and regulations.

Ventas, Inc. offers a competitive compensation and benefits package to the successful candidate.

Ventas, Inc. is an Equal Opportunity Employer.

Ventas, Inc. does not accept unsolicited resumes from staffing agencies, search firms or any third parties.

Job Type: Full-time

Work Location: Multiple Locations