The Senior Lead Cybersecurity Architect is responsible for defining the principles, standards, and design patterns to build secure products and enterprise tools for all of Cox Automotive's multi-cloud and on-premises environments. This position's architecture focus is on securing multi-cloud infrastructure and services and on-premises infrastructure. Peer cybersecurity architects will be focused on application security, software as a service (SaaS), and network security.
The person in this role will use their deep cybersecurity knowledge to design and build secure infrastructure and services in both multi-cloud and on-premises environments. They must be able to collaborate with cross-functional teams throughout the organization and propose well-defined cybersecurity architectural guidelines to be adopted by product and enterprise engineering teams. This role will directly report to the Senior Director of Cybersecurity Architecture at Cox Automotive.
Primary Responsibilities
Identify and recommend relevant cybersecurity policies, standards, procedures, and guardrails.
Drive the definition of cybersecurity guidelines across the product and enterprise architecture group by leading working groups focused on cybersecurity.
Develop secure design patterns in conjunction with the product and enterprise architecture group based on standards that can be adopted and implemented by engineering teams.
Contribute to the development of non-cyber architecture-related governance patterns, policies, and standards.
Provide complex analysis of potential risks to information systems' security and recommend innovative solutions.
Work with cross-functional technical, development and delivery teams to ensure the application of smooth, efficient and scalable release processes.
Engage with business teams and engineering teams to define cybersecurity guardrails that promote efficient and seamless adoption of secure design patterns.
Participate in security events and incident response to identify gaps in current design and propose solutions to prevent threats from recurring.
Research and evaluate emerging security trends, threats, and technologies, and recommend appropriate solutions and enhancements.
Collaborate with data users, software and other technical stakeholders to ensure security considerations are factored into and underpin development and operational decision making.
Collaborate with cybersecurity peers to incorporate vulnerability management, governance, risk and compliance, cyber defense, continuous controls monitoring, and identity governance into cybersecurity standards as a cohesive cybersecurity organization.
Minimum Qualifications
Bachelor's degree in a related discipline and 8 years of experience in a related field. The right candidate could also have a different combination, such as a master's degree and 6 years of experience; a Ph.D. and 3 years of experience in a related field; or 12 years' experience in a related field.
At least 4 years focused on cybersecurity.
Must have practical expertise in AWS cloud infrastructure and services and on-premises infrastructure.
Clearly articulate the objective of specific cybersecurity policies and procedures to technical and non-technical stakeholders.
Excellent customer service skills, writing, and executive presentation skills.
Develop a strong and productive working environment with key stakeholders and collaborate closely with other Cox entities' cybersecurity teams to implement cybersecurity best practices.
Consultative nature to work through controversial or complex topics with employees, leaders, and/or senior leadership.
Evaluate risks and recommend actions based on impact and likelihood of the risk to the business.
Knowledge of current cybersecurity and technology architectures such as zero trust, IaaS, PaaS, SaaS, virtualization, and containerization.
Creatively solving complex cybersecurity challenges while exhibiting solid, pragmatic business acumen.
Experience utilizing Agile methodologies.
Initiating change and deploying solutions in Fortune 1000 companies.
Knowledge of cybersecurity frameworks (e.g., ISO 27000, NIST, FFIEC) and industry-relevant regulations that will guide architectural requirements (e.g., GDPR, FFIEC, GLBA).
Preferred Qualifications
Experience in the development and design of cybersecurity standard methodologies to all layers of the hosting and application stack in both cloud and on-premises environments.
Relevant experience with application security, SaaS, network security, DevSecOps, and software-defined networking across a variety of environments and deployments.
Knowledge of Identity and Access Management (IAM), cryptography/key management, secrets management, access controls and security protocols (e.g., multi-factor, SAML, OAuth, OIDC).
Experience with application security implementations and standard methodologies.
Extensive technology knowledge and recognized expertise in several areas including Python, .NET, Java, Spring frameworks, Oracle, serverless, cloud patterns, cloud service and user authentication or similar.
Experience with firewalls, web application firewalls, and other edge services as well as deep understanding of DMZ and other network architectures.
AWS Well-Architected Framework.
Experience establishing a strategy for and implementing cloud enterprise solutions in AWS, GCP, or Azure.
A strong understanding of cloud containers and/or serverless platforms (e.g., EKS, ECS, Lambda, Fargate).
Big Four consulting or Fortune 500 company experience.
Relevant industry certification (e.g., CISSP, CEH, OSCP, Azure, AWS, CISM, CISA).
USD 144,900.00 - 241,500.00 per year
Compensation: Compensation includes a base salary of $144,900.00 - $241,500.00. The base salary may vary within the anticipated base pay range based on factors such as the ultimate location of the position and the selected candidate's knowledge, skills, and abilities. Position may be eligible for additional compensation that may include an incentive program.
Benefits: The Company offers eligible employees the flexibility to take as much vacation with pay as they deem consistent with their duties, the company's needs, and its obligations; seven paid holidays throughout the calendar year; and up to 160 hours of paid wellness annually for their own wellness or that of family members. Employees are also eligible for additional paid time off in the form of bereavement leave, time off to vote, jury duty leave, volunteer time off, military leave, and parental leave.
Applicants must currently be authorized to work in the United States for any employer without current or future sponsorship.
Cloud Security Architect • Austell, GA, United States