Cloud Security Director/Architect
Posted 6 months ago
Headquartered in Silicon Valley, with offices located worldwide, OpsRamp is a modern SaaS platform company that’s just entered its next stage of growth with new investment from Morgan Stanley, HPE, and Sapphire Ventures. We’re disrupting the $28 billion-dollar market of IT operations management, fundamentally changing how IT teams support the business through infrastructure management.
As one of Forbes’ Top Cloud Computing Companies to Work For, we’re working to upend the old way of discovering, monitoring, managing, and automating IT infrastructure with tomorrow’s innovations like artificial intelligence, cloud capabilities, and more. We’re building the best team of innovators, thinkers, and doers in technology to realize the future of digital operations and bring it to life. It’s truly the dawn of a new era for a major market, and we’re in the center of it. Are you ready to join the future of IT operations?
What we are looking for
- The Cloud Security Architect will serve as the central point of contact for Enterprise Security for engineering teams across the organization for all matters related to platform cloud security. The successful candidate possesses the excellent interpersonal and communication skills required to partner with other leaders across the business to identify opportunities and risks and to develop and deliver solutions that support business goals while protecting organizational intellectual property.
- The Architect will have security expertise to work with customers to showcase OpsRamp secured platform and how it works for customers' data and security controls.
- A Cloud Security Architect is expected to have a thorough understanding of complex IT systems and stay up to date with the latest security standards, systems, and authentication protocols, as well as best practice security products. We are looking for a Security Architect who will lead the design and development of security architecture for OpsRamp SaaS platform. This position will directly contribute to the overall security vision and strategy around cloud-based platforms including Infrastructure, Platform, and Software as a Service (IaaS/PaaS/SaaS) for multi-channel delivery. In this role, you will be ensuring secure development and deployment of OpsRamp platform consuming threat intelligence, conducting threat modeling, and designing robust, resilient, and secure cloud and mobile products working with engineering and CloudOps.
- This is a technical leadership role that requires proven hands-on software design and development skills including programming using object-oriented language along with strong leadership skills. We expect this individual to be a self-starter to lead and mentor a team of talented developers, SRE, and production engineers towards future innovations generating customer value. Leadership experience in delivering cutting edge SaaS platform/product with end to end ownership through the software life cycle.
- Bachelor/Master degree in Computer Science, information security, and related fields
- 5-10 years of experience in developing highly scalable and available enterprise-grade secured platforms and applications
- Extensive experience in information security and/or IT risk management with a focus on security, performance, and reliability.
- Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc). Multi-tenant aware security aspects of all layers in SaaS platform hosting solutions.
- One or more cybersecurity certifications such as the CISSP (+ISSAP), CCSP, SABSA GSEC, or other relevant certifications.
- Experience with deployment orchestration, automation, and security configuration management.
- Experience with service-oriented architecture for cloud-based services.
- Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies
- Experience working in a Linux/Windows development environment, debugging skills at infrastructure level for OWASP and other security compliances.
- Experience with building, modifying, and improving frameworks required for modern security challenges and compliance
- Prior experience working in a startup, and a thirst for doing so again will be positive.
- Good team management skills with the ability to coordinate with onsite and offsite teams
- The ability to collaborate and thrive in a dynamic high performing environment is required
- Familiarity with agile, scrum, and test-driven development methodologies
- Duties may require being on call periodically or working outside normal working hours (evenings and weekends)
- Good working knowledge of Cloud and IT risks and experience implementing security solutions for private and public clouds using modern application (Cloud Native Apps) and infrastructure
- Ability to interact with a broad cross-section of personnel to explain and enforce security measures including working with customers and partners to educate on product, process, and certification associated with security.
- Excellent written and verbal communication skills as well as business acumen and a commercial outlook
What you will do at OpsRamp ...Primary Responsibilities
- Involved in the life-cycle software delivery work influencing security best practices in the development and deployment of a SaaS platform with multi-tenant and multi-cloud instances.
- Coach, guide, and mentor junior members on security best practices for a cloud-based software solution
- Creates architectural artifacts; provides standards and governance oversight for the platform development deriving strict guidelines to adhere to industry security standards.
- Engage with customers and sales team to drive actions for security certification and reviews
- Creates, refines, delivers, and evangelizes information security standards to be used throughout the development cycles and craft deployment practices that balance business needs and external requirements
- Leads governance and interpretation of architectural standards, design concepts, and frameworks. Conducts and attends project meetings to provide security and governance input throughout project lifecycles. Identifies security design gaps in existing and proposed architectures and recommends changes or enhancements to existing processes or systems.
- Provides feedback on future security controls configuration and security architecture to protect SaaS business from any exposure to vulnerabilities
- Active participation in various forums to understand the operational status of production systems and implementing architectural changes to address operational issues
- Act as subject matter expert and as the point of contact for external parties (clients, auditors, prospects) interested in OpsRamp security.
- Analyzing the static and dynamic code analysis using industry-leading tools and guide development teams in making the right resolutions.
- Support sales team with knowledge and resources on OpsRamp security practices: answer questionnaires, review contracts, and attend calls with customers and prospects.
- Work across internal teams to track security/compliance initiatives.
- Organize and track audit documentation, audit evidence, and security policy updates across OpsRamp.