Principal Data Security Architect

Summary:

The Principal Data Security Architect requires a background in Security engineering, vulnerability assessment, threat hunting, incident response, tools and techniques for continuously monitoring the vulnerability of an enterprise, and experience in developing security engineering solutions to improve the security of the infrastructure.

Responsibilities:

• Strategic Leadership:
  • Help lead and guide the data security projects, leveraging broad IT expertise in data security & AWS Cloud to address critical gaps within their data security-cloud infrastructure security division.
  • Collaborate with key stakeholders to define and implement a strategic roadmap for enhancing data security posture of their AWS Cloud environment, Azure, GCP.
  • Take a lead role in maturing the existing cloud security team, ensuring the team is well-equipped to handle the evolving challenges in data & cloud security.
• Security Architecture and Engineering:
  • Design and architect robust data security solutions tailored to their AWS Cloud ecosystem, focusing on fully securing the environment.
  • Leverage 5-7+ years of hands-on expertise within AWS Cloud tools/technologies to design and implement data security solutions, ensuring adherence to best practices.
  • Prioritize and implement security measures across DevOps/Infrastructure, and data/information security, addressing vulnerabilities and potential threats. (
  • Data encryption, in transit and at rest, data RBAC, adherence to regulatory, logging and alerting.
• Data Lake Security and Encryption
  • Extensive experience architecting data security solutions to cover AWS Cloud environment (plus: multi-cloud experience – Azure and/or GCP)
  • Expertise & advanced AWS Data Lake security experience to implement and enhance security measures around data lake, ensuring the protection and integrity of sensitive information.
• Team Leadership and Communication:
  • Lead data security team, demonstrating strong leadership qualities, effective communication, and team-building skills.
  • Design roadmap/blueprints to new data security solutions – including creating deliverables, delegate tasks, set clear expectations/milestones, and ensure the data security team operates in alignment with best data/cloud security practices and others as required.
  • Communicate effectively with team members and stakeholders, providing guidance on security matters, and fostering a collaborative and proactive security culture within the organization.
  • Proficiency with AWS Cloud/DevOps technologies, and a strong preference for experience with DSPM security tooling. The role requires not only technical expertise but also the ability to communicate complex security concepts to a diverse audience and drive a culture of continuous improvement in cloud security practices.

Requirements:

• Advanced Data Security background (hands-on Data Encryption & Data Lake Security experience)
• Leadership experience, communication skills, and team-building capabilities
• Strong AWS Cloud & DevOps tooling/technology expertise
  • Plus: Multi-cloud experience (prior Azure and/or GCP)
• Plus: Widespread advanced security background (cloud security, server networking, DevOps, software security, & data/information security)
  • experience architecting security solutions to cover AWS Cloud environment multi-cloud experience – Azure and/or GCP)
  • Experience with DSPM, CSPM, configurations, RBAC.
  • Advanced working knowledge of Terraform, S3, Kubernetes.
  • Encryption expertise & advanced AWS security experience, security measures and control measures.
  • Experience and advanced understanding of labeling, masking, including mask or read and write, encryption at rest, in transit, cross AWS account data access.
  • Expertise and advanced understanding AWS Glue, ETL, IAM roles.
  • Understanding of Databases
• 5-7+ yrs of professional experience
• Bachelor's Degree (pref. Computer Science, Information Technology/Cyber Security or related field)