Senior Information Security Architect

The Challenge

OneTrust is seeking an Information Sr. Security Architect to continue our strong commitment to delivering a secure and capable platform. The person who occupies this role would be responsible for working closely with highly capable cross functional teams, including IT, Operations, and Compliance, to ensure that our company's systems and data are protected from unauthorized access, theft, or damage in an ever-changing threat environment. A successful candidate will have significant experience securing enterprise systems and cloud infrastructure, and the aptitude, experience, and desire to become an expert on this critical information security practice, which underpins a world-class privacy solution.

Your Mission

In this role, you will develop and maintain our security architecture framework and strategy, conduct risk assessments and vulnerability testing, develop and implement security policies, procedures, and standards, develop and implement security solutions, and create, maintain, and share technical documentation used by engineers and other team members while collaborating with cross functional teams across the enterprise.

• Develop and maintain the company's security architecture framework and strategy
• Collaborate with cross-functional teams to design and implement security solutions that meet business requirements
• Conduct risk assessments and vulnerability testing to identify security gaps and areas for improvement
• Develop and implement security policies, procedures, and standards in accordance with industry best practices and regulatory requirements in collaboration with other Information Security teams
• Stay current with emerging security trends, threats, and technologies, and make recommendations for improving the company's security posture
• Act as a subject matter expert on security-related issues and provide guidance to cross-functional teams
• Develop and maintain relationships with external security vendors, consultants, and other stakeholders to ensure the company's security solutions are aligned with industry standards

You Are

• A strong technical communicator with excellent problem-solving skills, and the ability to engage and interact with global teams.
• At an Information Security engineer skill level.
• Knowledgable in various areas spanning public cloud infrastructure, network, identity management and application security practices
• Strong in concepts security architecture principles, technologies, and best practices
• Knowledgable of regulatory requirements and standards, such as GDPR, HIPAA, and PCI DSS
• Able to work independently and as part of a team

Your Experience Includes:

• Bachelor’s degree in a related field or equivalent experience required
• Must have demonstrable experience as an IT security professional
• Advanced planning/organizational, problem-solving, analytical, consulting, time management and decision-making skills required
• Must have demonstrable knowledge of Azure or other cloud platforms (AWS, GCP)
• 5+ years of experience in security architecture or related field
• Knowledge of regulatory requirements and standards, such as GDPR, and PCI DSS

Extra Awesome

• Experience with UML
• Experience mapping capabilities, configurations, and tools to security frameworks and control sets
• Experience automating data extraction, transformation and load between APIs, public clouds, information security tools, and reporting solutions
• Experience using Jira to manage complex efforts