Apply on Employer Site

Seminole Gaming · 2 months ago

IT SECURITY ARCHITECT

US-FL-Davie

Full-time

Onsite

Senior Level

Seminole Gaming is looking for an IT Security Architect to provide technical security guidance and leadership in the design and maintenance of information systems. The role involves developing security strategies, collaborating with various teams, and ensuring compliance with security standards while addressing security gaps in the organization's architecture.

CasinoGambling

Responsibilities

Leads the development of a strategic security architecture vision, including standards and frameworks that are aligned with overall business strategy using the current technology roadmap

Create security strategies to improve controls and architecture for critical security infrastructure including endpoints, mobile devices, containers, authentication and authorization, logging, and threat

Provide subject matter expertise on infrastructure (on-prem & cloud), application, and database

Works with the business and IT from and security perspective - determines security requirements and infosec strategy by evaluating business strategies and requirements; researching information security standards; conducting system security, vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates

Collaborate with Dev teams in designing and continuously improving the Secure Software Development Lifecycle (S-SDLC)

Enabling and facilitating Proof of Concepts

Maintain a deep technical knowledge of Microsoft data center technologies, including Active Directory, Office 365, Azure, and Windows Servers

Work with the appropriate teams to respond to incidents and to take charge when needed

Migrate on-premises workloads to the cloud

Manage cloud environments (Azure, AWS, GCP, etc.) to ensure optimal security, performance, scalability, availability, and operations

Works with Engineering for the continuous improvement of the company’s Public Key Infrastructure (PKI) systems and automations

Review existing architecture, identify design gaps, and recommend security enhancements Coordinates with members of the IT and technology organization, as well as business, to plan, develop, implement and maintain compliance with Center for Internet Security (CIS) or other security configuration frameworks

Maintain knowledge and stay up to date regarding new security technologies and integrate new technologies into security architecture design when appropriate

Represent the security team in change control activities and ensure proposed changes are in alignment with security best practices

Write formal security assessments as well as providing smaller ad-hoc system security reports by collecting, analyzing and summarizing data and trends as necessary

Develop security metrics and measurement capability to demonstrate operational security posture

Performs other security team relevant duties and responsibilities as assigned

Qualification

Security ArchitectureCloud Security ManagementZero Trust Network ArchitectureIncident ResponseSecurity Standards ComplianceKubernetesCISSPNetwork SecurityApplication SecurityMulti-taskingCommunication SkillsLeadership SkillsProblem SolvingProject Management

Required

Bachelor's degree preferred in Computer Sciences, Information Technology, or related field

Experience with container-based orchestration (Kubernetes and similar) and microservices architecture

Working knowledge of Zero Trust Network Architecture (ZTNA)

Practical knowledge of any combination of Payment Card Industry (PCI), GDPR, NIST standards, or ISO27000 series

At least one industry standard certification such as GSEC, Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM) or other security vendor certification

Team player able to work effectively at all levels of an organization with the ability to influence others to move toward consensus

Clear ability to build strong relationships and establish trust with stakeholders at all levels

Excellent verbal and written communications skills

Strong leadership skills with demonstrated ability to prioritize and execute in a methodical and disciplined manner

Ability to solve complex problems in a timely manner by working with multiple stakeholders

Ability to manage multiple tasks and work streams effectively

Ability to follow detailed processes and procedures with a high degree of accuracy

Customer-focused mindset, with demonstrated skill in managing expectations, providing proactive status updates, and producing high-quality work product

Experience of network design, mobile security, network and firewall security technologies and vulnerability management, scanning

Knowledge of web application security, browser security models, and application security vulnerabilities such as the OWASP Top Ten

Experience managing project through the full system development lifecycle

Deep understanding of network attacks, DDoS, Phishing, email protocols/security/spam, encryption, authentication, logging and log analysis, IP and device reputation, and security rules and policies

High degree of skill and knowledge in managing and part taking in incident response, Intrusion Prevention Systems, Intrusion Detection Systems, SEIM, Endpoint security solutions

Flexibility to travel as required up to 15% overnight travel