Cloud Security Architect

  • Location:
    San Jose, California, US
  • Additional Location(s)
    RTP
  • Area of Interest
    Engineer - Software
  • Job Type
    Professional
  • Technology Interest
    Cloud and Data Center
  • Job Id
    1221913
New

The Cloud Application and Services Security Architect is an action-oriented, disruptive, and innovative driving force that partners closely with Cisco business units, sales and services groups who are designing, building and operating cloud services offered to Cisco customers. This position will play a leadership role in assisting these groups in securely architecting their offerings by aligning to the Cisco secure development lifecycle (CSDL), industry best practices, compliance and privacy requirements.

This particular position concentrates on cloud security, with an emphasis on cloud application development, operations, application deployment and continuous integration in a multi-tenant Internet-facing environment. This high-level individual contributor will create and drive security standards, development and operations life-cycle requirements and design capabilities to hold development teams accountable to reducing risk in their service offerings and maximizing trust with Cisco customers

 

This individual will influence and lead cross functional teams to complete projects and major initiatives using judgment and growing experience. The Architect will follow a collaborative process with stakeholders, fellow architects, product management and operations to collect business and technical requirements to then fully articulate the risks, standards gaps and opportunities to improve the security posture of the cloud offerings. This person will identify, deliver, and document the required artifacts to make the new offerings secure, including strategy collateral, thread models, technical roadmaps, position statements, policies, standards, concepts, and logical specifications. The architect will be hands-on, directly interacting with the cloud tenant engineering teams and leadership driving alignment on development and operational security gaps. This individual will be expected to influence decision makers, build relationships, communicate strategy, architecture and technology to the broader internal community.

As a technical leader, this person is expected to deliver and lead through others, as well as personally working to reach innovative solutions to business problems. The ability to teach and mentor technical personnel is required. The ideal candidate has detailed understanding of cloud security, but also a broad technical understanding of security application development, cloud infrastructure services in general, and also possesses significant additional breadth across other disciplines, e.g., large Enterprise/SP-style security architecture, OSS/BSS service/systems management, compute services, storage, large-scale networking, virtualization, data center, integration architecture (API), orchestration technologies (Openstack/Cisco), systems resiliency, service support, application development lifecycle management (DevOps), and service delivery.

Experience/Skills:

Requires a Master’s degree (BS/BA with additional experience will be considered) , and at least five to ten years of increasing responsibility for positioning and delivering Cloud and Internet facing applications with a focus on security. Strong internal consulting and communication skills are a requirement as this position will work with internal customers in driving their architecture needs and will routinely deliver presentations to stakeholders. Knowledge and experience on holistic data center virtualization, and Cloud security expertise are highly desirable.

Technical Expertise:

·       Technical knowledge of access control mechanisms, federated authentication schemes, encryption, digital certificates and trust-based authentication

·       Cloud Security Alliance best practices and guidelines

·       Cloud Security Concepts (SaaS, PaaS, IaaS), Mobile Architecture, Network and Application Security and/or Data protection

·       Identity and access management solutions.

·       Network/Infrastructure Security technologies (Firewall, access control, intrusion detection, intrusion prevention, administrative access control).

·       Networked protocols, including Ethernet and its enhancements for the Data Center, IP, FCoE, TCP, UDP; and basics of higher layer protocols: SSL/TLS, HTTP, real-time traffic (voice/video), NFS, database access protocols

·       Network addressing: IPv4, IPv6, IP addressing best practices, DNS, DHCP

·       System interaction with Data Center compute technologies, including Cisco UCS (x86), VMWare virtualization, hypervisor (Openstack/KVM), OS (Linux/Windows), workload mobility

·       Relevant experience in middleware architecture, application deployment methods, automation, testing, compliance, and auditing

·       Service-oriented architecture for cloud-based services, including the transformational elements (‘Infrastructure-as-a-service’), management and automation (‘self-service, on-demand’), multi-tenancy

·       Strong Knowledge of information security standards (e.g., ISO 17799/27002, etc.), rules and regulations related to information security and data protection.

·       Industry-specific certifications, including one or more of the following: CCIE (Security), CISSP, CISA, CISM, GCIH, ISSAP, ISSMP, CCSP, or GCFA.

Non-Technical Requirements:

·       Track record of thought-leadership in the area of information risk management such as participation in industry forums, publication and contribution to legislative and regulatory process of value.

·       Proven ability to communicate threat and risk profiles to executives and individual contributors and facilitate progress towards required improvements

·       Full commitment to customer satisfaction and the highest ethical standards

·       Core expertise to include design concepts, architectural mindset, IT analysis/analytical thinking, innovation management, enterprise perspective and process knowledge.

·       Analyzes opportunities with a broad, strategic view; integrates business and technology requirements to achieve cross-domain solutions that work across the enterprise; applies methodologies that are appropriate for multiple users / technology platforms.

·       Identifies, invents, incorporates, and advances innovations in Cisco products, services, solutions, technology, and processes.

·       Client-facing skills to include cross-functional influence, external and internal consulting/partnering.

·       Excellent understanding of the industry landscape (competitors and partners).

·       High-level, out-of-the-box thinking, analytical reasoning, and creative problem solving skills.

·       Ability to shift from high-level thinking to realistic and pragmatic execution is essential.

·       Successful track record in large-scale IT technology change and adoption is highly desirable, especially in the application space.

·       Solid understanding of the end-to-end IT process, including architecture, design & engineering, implementation, and operations; prior architecture, design and operational responsibilities are highly desirable.

Excellent written and verbal communications skills:

·       Ability to communicate technology strategy and architecture approach to engineers, executives, and Cisco customers.

·       Strong influencing and leadership skills at technical level.

·       Negotiation and conflict-resolution skills.

·       Willingness and ability to work with teams, ability to build relationships using an open and respectful communication and collaboration style.

·       Technology leadership skills to include coaching/mentoring/teaching, critical thinking/judgment, facilitation, leading change, and team development.

·       Foundational / IT best practice skills to include investment management and functional innovation.

·       Communication skills to include conflict management, negotiation, presentation/demonstration, and written communication.

·       Cisco best-practice skills to include building relationships, cultural sensitivity, goal alignment, learning agility, and virtual/remote training.

We connect everything - people, process, data and things. We innovate everywhere to create fresh ideas and possibilities. We make a meaningful difference that will benefit everyone - our people, our customers and the world around us.

Our technology changes the way the world works, lives, plays and learns. But our edge doesn't come from technology. It comes from our people. We're looking for the kind of people who take smart risks, thrive in diverse environments, inspire their colleagues, and are committed to having an impact on the world. Whether you create technology solutions that redefine business or build connections that strengthen the community, you can make it happen at Cisco!

Powered ByLogo