Information Security Architect

Position Title

Information Security Architect

Overview

Blue Yonder is currently revamping its security posture completely after hiring our new CISO. The new focus will be on building an enterprise security organization that is enabled and empowered to deliver an end-to-end security service to the business. This role is directly supporting the professional services, 3rd party, and customer solutions and ensures that security will be architected and ingrained in all the professional services from the start. Overall this role will ensure that security requirements, designs, and developments for customers, performed by the professional services organization, will adhere to secure practices and to build state-of-the art security-by-design services (or product customizations).

This is a new role, reporting directly to the Director Security Architecture and Engineering of Blue Yonder. The Information Security Architect will support the Director to define, develop, and maintain the ongoing security development efforts across the professional services space and leveraging the global security organization's architecture standards and templates (or create / adopt these) to deliver a world-class and visionary approach that will enable a distinctive competitive advantage for the future.

Other peer functions this role will need to interact with on a daily basis are: the Senior Security Architect Network and Cloud, the Senior Security Architect Endpoints, and the Senior Security Architect Applications

Key deliverables in year one:

• Join and help form a company-wide security architecture group that aligns our development, building, and customization efforts from an enterprise security perspective and further define the required duties and services.
• Absorbing the security roadmaps and policies from peers and translating them into technical solutions and professional services outcomes for the current year.
• Defining and implementing a complete end-to-end services model that ensures security by design and build, and significantly reduces vulnerabilities that would be found in later stages of the life cycle.
• Develop the secure design standards for areas covering professional services, and secure code repository management.
• Support the CISO function in all aspects in building a word-class security organization.

Responsibilities:

• Define architectural standards for security solutions and services based on frameworks such as TOGAF or SABSA and leveraging either existing or to be built design artefacts and standards. Ensuring that security happens in the PS world.
• Communications around secure service delivery and educating stakeholders to ingrain security in the customization and adoption phase. Drafting and writing material around the introduction of OWASP, SANS top 20, CIS and such standards.
• Potentially manage other architects / engineers and build secure services for the company and customers. Ensure open (but secure) interfaces for overall program activities and alignment & improvements.
• Help form a security design review board that ensures alignment, communication, security control points, and improves speed to market and also security by design and build. Define code review standards and help select tools to support these efforts.
• Develop an architectural current state diagram and topology across the customization / services area. Prepare a vision 2025 and capture future state. Then work with all security organization to achieve that goal.
• Knowledge management.

Qualifications

• 8+ years of security technology and relevant experience required.
• Security Architecture experience across multiple industries (preferred), minimum 2 different industries
• Previous experience in security services development and management for global, multinational companies
• Security architecture review board experience, secure coding and SSDLC implementation.
• Secure design principles and security standard development experience required.
• Multi-platform experience in software development companies, supporting multiple independent areas of development.
• Current state and future state architecture diagrams, technical roadmap support and overall technology market overview.
• Security solution architecture delivery in relations to and in concert with a to be defined enterprise architecture approach.
• Masters degree in Information Security / Systems, Computer Science or related industry experience
• CISSP certification is required
• CISSP with concentration on architecture (highly preferred or must accomplish in first year)

*LI-CW1

Our Values

If you want to know the heart of a company, take a look at their values. Ours unite us. They are what drive our success - and the success of our customers. Does your heart beat like ours? Find out here: Core Values

Diversity, Inclusion, Value & Equality (DIVE) is our strategy for fostering an inclusive environment we can be proud of. Check out Blue Yonder's inaugural Diversity Report which outlines our commitment to change, and our video celebrating the differences in all of us in the words of some of our associates from around the world.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.