Security Architect
Indexed description
The starting salary for this role is $185K, commensurate with experience.
What You’ll Do
- Develops and maintains a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with cloud, business, technology, and threat drivers.
- Develops security strategy plans and roadmaps based on sound enterprise architecture practices.
- Creates and maintains security architecture artifacts (i.e., threat models, templates, standards, and procedures) that can be used to leverage security capabilities in projects and operations.
- Determines baseline security configuration standards for operating systems (i.e., CSPM, OS hardening) network segmentation.
- Develop strategy for monitoring and managing Hertz external attack surface.
- Develops standards and practices for data encryption and tokenization within Hertz, based on data classification criteria.
- Drafts security procedures and standards to be reviewed by executive management and/or formally authorized by the Chief Information Security Officer.
- Establishes a taxonomy of indicators of compromise (IOC’s) and shares this detail across the Hertz Cyber Security and Compliance organization, as well as counterparts within the Technology organization.
- Tracks developments and changes in the Hertz digital business and threat environments to ensure they are adequately addressed in security strategy plans and architecture artifacts.
- Validates IT infrastructure and other reference architectures for security best practices and recommends changes to enhance security and reduce risks, where applicable.
- Validates security configurations and access to security infrastructure tools, including firewalls, IPS, WAF, and endpoint protection systems.
- Conducts and participates in threat modeling of services and applications that tie to the risk and data associated with the service or application.
- Coordinates with legal and compliance teams to document data flows of sensitive information within Hertz and recommends controls to ensure that this data is adequately secured.
- Reviews security technologies, tools, and services, and makes recommendations to the broader security team for their use, based on security, financial, and operational metrics.
- Liaises with other security architects and security practitioners to share best practices and insights.
- Partners with internal audit to review and evaluate the design and operational effectiveness of security-related controls.
- Drive optimal cyber security services to complete resolution according to security SLA’s.
- Handle all private information with discretion and keep sensitive information private.
- Partners with the enterprise architecture team to ensure all architectural artifacts are aligned with Hertz enterprise architecture strategies.
- Excellent teamwork competencies, seeks out opportunities to partner with all stakeholders.
- Mentors' junior security staff.
- Bachelor's degree in computer science, MIS, or related field or equivalent experience.
- 7+ years of Information Security experience required, preferably in a global Fortune 500 corporation.
- Applied knowledge of multiple security architectures to include cloud security.
- Experience with the Network Security architecture methodologies.
- Experience with STRIDE threat assessment methodologies.
- Experience with a wide range of enterprise common security platforms, endpoint security, vulnerability management, etc.
- Experience with network analysis tools.
- Experience with edge security tools such as Imperva, Zscaler, and AWS WAF
- Experience with securing cloud technology such as AWS
- Experience using security tools such as Wiz.io
- Experience automating processes using cloud tools such as AWS Lambda
- Experience scripting in python, PowerShell, etc.
- Deep expertise in security architecture.
- Capable of working under pressure in a continually changing fast paced environment.
- Ability to effectively collaborate with stakeholders across a global environment.
- Strong written and verbal communication skills.
- Strong analytical and problem-solving skills.
- Certifications desired: AWS Solutions Architect, AWS Security Specialty, Certified Information Systems Security Professional, (CISSP) Certified Ethical Hacker, (CEH) GIAC Security Essentials Certifications, GIAC Certified Intrusion Analyst, Global Information Assurance Certification.
- Ability to influence
- Flexible and adaptable; ability to work effectively in ambiguous situations
- Excellent verbal and written communication skills
- Results driven, ability to make decisions and help solve problems
- Ability to work under minimal supervision with a goal-oriented mindset.
- Ability to see the big picture and leverage critical thinking and decision-making skills.
- Excellent organization, time management, delegation, and prioritization skills.
- Up to 40% off the base rate of any standard Hertz Rental
- Paid Time Off
- Medical, Dental & Vision plan options
- Retirement programs, including 401(k) employer matching
- Paid Parental Leave & Adoption Assistance
- Employee Assistance Program for employees & family
- Educational Reimbursement & Discounts
- Voluntary Insurance Programs - Pet, Legal/Identity Theft, Critical Illness
- Perks & Discounts –Theme Park Tickets, Gym Discounts & more
US EEO STATEMENT
At Hertz, we champion and celebrate a culture of diversity and inclusion. We take affirmative steps to promote employment and advancement opportunities. The endless variety of perspectives, experiences, skills and talents that our employees invest in their work every day represent a significant part of our culture – and our success and reputation as a company.
Individuals are encouraged to apply for positions because of the characteristics that make them unique.
EOE, including disability/veteran
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search