Senior Cloud Security Architect

Information TechnologyHybrid Remote, ATLANTA, Georgia


Description

Position at Genuine Parts Company

The Cloud Security Architect will develop and implement a cloud security strategy and associated architecture across various cloud, hybrid, and on-premise environments. This position will direct the overall implementation of GPC’s existing enterprise security cloud architecture and information assurance program, while working closely with staff to enhance and develop new designs, policies/standards, and security strategies across all types of cloud-based initiatives (including infrastructure, platform, software as a service, and application development). The Cloud Security Architect also will lead a small team of engineers who will assist in executing GPC’s cloud security strategy and conducting daily information security and assurance monitoring activities in the respective cloud environments.

The Cloud Security Architect will partner with GPC’s Information Technology and Cybersecurity teams and its subsidiaries to ensure open lines of communication and clear understanding of security objectives are provided within each project. The successful candidate possesses excellent interpersonal and communication skills required for partnering with all stakeholders, while also possessing the requisite IT/cloud/security skills and experience. The successful candidate also will assist and advise GPC’s Global Director of Cyber Defense when working on various cloud-based security initiatives and projects.

 

RESPONSIBILITIES

  • Design and implement a multi-year cloud security and information assurance roadmap
  • Develop a multi-tiered security strategy for both individual public clouds and a multiple-cloud deployment
  • Collaborate with GPC’s Cloud Operations infrastructure team to architect and implement new cloud-based environments to ensure that required security controls are implemented and working as intended
  • Create a security policy and standard, along with defining the associated controls, to govern the adoption of containers and their associated workloads
  • Work closely with GPC’s application development and application security teams to ensure that proper security controls are “baked in” to the cloud application development lifecycle
  • Draft cloud-centric policies and strategies that set the tone for a global cloud security footprint spanning GPC and its international subsidiaries
  • Develop a plan for conducting regular audits of GPC cloud environments to determine their adherence to GPC security policies, standards, and best practices
  • Thoroughly document processes and implementations (both operational and architectural) via technical documentation and run books
  • Provide input and feedback on cloud security architectures and best practices
  • Represent the Security Program in the development and implementation of the overall enterprise cloud security architecture and planning
  • White boarding of security architecture and implementation planning to stakeholders
  • Develop daily cloud-monitoring processes/operations that focus on protecting IaaS, PaaS, SaaS services, and cloud-based applications
  • Design a strategy for identifying deviations from GPC security standards and best practices and collaborating with the GPC Cloud Operations team and stakeholders to remediate such issues
  • Coordinate w/ DevOps and DevSecOps teams to close configuration issues and harden cloud infrastructure services and/or applications
  • Assist the GPC Global Incident Response team in developing cloud-based incident response processes
  • Document system configurations, standards, and procedures.

 

EDUCATION & EXPERIENCE QUALIFICATIONS

  • 4-year degree or equivalent years' related work experience required
  • CISSP and/or CCSP preferred
  • 5 - 7 years’ experience with Security Architect and/or Engineering in cloud environments.
  • 5 - 7 years’ experience with the major cloud service providers
  • 5 - 7 years’ experience architecting solutions within any/all the major cloud providers

 

REQUIRED KNOWLEDGE, SKILLS or ABILITIES

  • Possess a firm understanding of the offerings and capabilities across multiple major cloud platforms
  • Possess a solid understanding and have experience with systems automation platforms, Infrastructure as Code, container security, and other similar cloud-based technologies
  • Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes, including secure software development (Application Security), data protection, cryptography, key management, identity, and access management (IAM), network security within SaaS, IaaS, PaaS, and other cloud environments.
  • Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc.).
  • Experience with deployment orchestration, automation, and security configuration management (Jenkins, GitLab, Puppet, Chef, CloudFormation, Terraform, Ansible) preferred
  • Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server and/or application virtualization technologies
  • Experience and exposure to threat modeling and design reviews to assess security implications and requirements for introduction of new technologies
  • Experience representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions
  • Experience with enterprise architecture and working as part of a cross-functional team to implement solutions
  • Strong interpersonal and communication skills; ability to work in a team environment
  • Ability to work independently with minimal direction; self-starter/self-motivated
  • Technical writing experience
  • Data Loss Prevention, Archiving, eDiscovery, and Compliance experience is a plus

 

GPC conducts its business without regard to sex, race, creed, color, religion, marital status, national origin, citizenship status, age, pregnancy, sexual orientation, gender identity or expression, genetic information, disability, military status, status as a veteran, or any other protected characteristic. GPC's policy is to recruit, hire, train, promote, assign, transfer and terminate employees based on their own ability, achievement, experience and conduct and other legitimate business reasons.