Software Security Architect

Job Title: Software Security Architect

Introduction:

As a leader in the retail industry, here at Toshiba Global Commerce Solutions we focus on delivering high availability software solutions to meet ever changing market needs. Our product suite includes traditional and cloud-based deployments to allow for flexibility when determining what solution is best for a given retailer. Creating a culture of inclusion for all employees that respects their individual strengths, views, and experiences is paramount. We believe that our differences enable us to be a better team - one that makes better decisions, drives innovation, allows for individual empowerment, and enables higher quality solutions to be delivered to our customers.

Responsibilities:

Toshiba Global Commerce Solutions is hiring a Global Security Architect for software solutions and Integration. This position will be responsible for setting, delivering, implementing and improving an effective security approach for all TGCS software products (installed on-prem or in the cloud). The Global Security Architect scope includes all software product offerings provided to customers along with the infrastructure used to support those deliveries. This individual must ensure a clear organizational security strategy is understood by all and devises a plan to achieve the agreed upon goals. The individual in this role must be a strong team player and work with multiple groups to help ensure security is at the forefront of delivering products to our customers.

Duties and Responsibilities:

• Planning, researching, and designing security architectures
• Implement and enforce cloud security policies
• Manage access control administration
• Drive risk assessments and thread modeling
• Ability to assess customer's multi-cloud ecosystem of systems & processes and make strategic recommendations that align with modern security practices and principles
• Establish common security tooling across the SW organization
• Review and advise on security scan results. Own the security release clearance.
• Participate in Architectural Review Board Discussions as the security approver
• Understand PCI/PADSS and the software security framework certification for applications
• Manage Software Development security vulnerability process for internal use and external deliverables
• Create and manage disaster recovery for Cloud Ops and Infrastructure
• Understanding of Industry trends in cloud technologies for public, private and hybrid cloud deployments
• Strong domain expertise of cloud infrastructure compute, network and storage as well as the cloud control plane. Knowledge of virtualization, containers, service-mesh and enterprise service business
• Experience with structured Enterprise Architecture practices, hybrid cloud deployments, and on-premise-to-cloud migration deployments
• Document formal security plans, protocols and results
• Monitors implementation activity to ensure architecture and design principles are upheld.
• Ensures implementation solutions support architecture objectives (e.g., availability, scalability, performance, security, etc.), as appropriate.
• Participates in governance team discussions and provides a strong voice on critical decisions.
• Communicates complex technical concepts effectively to a broad group of stakeholders.
• Trouble shoot technical issues to prove value of implementation of Security technologies
• Remaining up to date with the latest security systems, standards, authentication protocols, and products.
• Broad experience in security and expertise around related technologies and concepts such as Zero Trust,threat management, SOC monitoring (SIEM / SOAR), and Extended Detection & Response (XDR) + SIEM, and Identity.

Requirements:

• One or more Cloud Security Certification: CCSP - Certified Cloud Security Professional, CISSP - Certified Information Systems Security Professional, CSSLP - Certified Secure Software Lifecycle Professional
• Bachelor's degree or higher in Computer Science, or equivalent field.

• 10+ years of experience in information security and Software risk management.
• 5+ years of experience in software development
• 5+ years of experience in solution delivery experience in Security specialized solution providers.
• A strong working knowledge of current IT risks, security implementations, and computer operating and software programs.
• 7+ years of team leadership experience.
• Project management experience.
• Excellent technical writing as well as verbal communication skills.
• Strong analytical skills and great attention to detail.
• Extensive knowledge of software and system testing and validation methods at all levels.
• Ability to understand use cases and application usage scenarios for planning and execution of security testing.
• Must be self-starter with the ability to coordinate work with other solution groups.
• Experience with SDLC tools for requirements management, configuration management, defect tracking and continuous integration.
• Coaching and mentoring skills.
• Programming experience demonstrating applied security.

About the Company:

Toshiba Global Commerce Solutions is a dynamic billion-dollar global company based in Research Triangle Park, NC, providing retail store solutions to your favorite brands. Have you ever been in a hurry and made use of the self-checkout at Lowe's Foods, earned fuel rewards at Kroger, or just paid for purchases at retailers such as Walmart, Michaels, Carrefour, The Gap, Calvin Klein, Boots, Cencosud, BJ's, or Costco? These are just a few examples of our in-store solutions and impressive customer base that made us the world's installed market share leader.

The nature of retail is changing quickly, so if you share our 'Together Commerce' vision of a seamless two-way, participatory shopping experience, let's get together to drive the new economy.

Toshiba Global Commerce Solutions, Inc. offers a competitive salary and generous benefits package including the following:

• Group health coverage (medical, dental, & vision)
• Employee Assistance Programs
• Pre-tax spending accounts
• 401(k) plan w/ match
• Company provided life insurance
• Pet Insurance
• Employee discounts
• Generous paid holiday schedule, paid vacation & sick/personal days

EEO:

Toshiba Global Commerce Solutions is an equal opportunity/affirmative action employer that evaluates qualified applicants without regard to age, ancestry, color, religious creed, disability, marital status, medical condition, genetic information, military or veteran status, national origin, race, sex, gender, gender identity, gender expression and sexual orientation or any other protected factor. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.

Individuals who need a reasonable accommodation because of a disability for any part of the employment process should email [email protected] to request an accommodation

DIVERSITY, EQUITY & INCLUSION:

We at Toshiba Global Commerce Solutions firmly believe that our people are an integral part to the success of our customers. Furthermore, we're committed to Diversity, Equity, and Inclusion for all our people as highlighted by our5 Core Principles (Create Outreach, Foster Belonging, Unleash Opportunity, Diverse Cultural Engagement and Culture of Transparency). We're passionate about our customersthe retail industry and becoming a more responsible company as we help create a brighter future.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)