Cloud Security Architect

Mountain View, CA

Pure Storage

Discover a better way to interact with your data through storage that's always modern, easy to manage, and provides a flexible way to consume.

View company page

BE PART OF BUILDING THE FUTURE.

What do NASA and emerging space companies have in common with COVID vaccine R&D teams or with Roblox and the Metaverse? 

The answer is data, -- all fast moving, fast growing industries rely on data for a competitive edge in their industries. And the most advanced companies are realizing the full data advantage by partnering with Pure Storage. Pure’s vision is to redefine the storage experience and empower innovators by simplifying how people consume and interact with data. With 9,000 customers including 50% of the Fortune 500, we’ve only scratched the surface of our ambitions

Pure is blazing trails and setting records:

  • For eight straight years, Gartner has named Pure a leader in the Magic Quadrant 
  • Our customer-first culture and unwavering commitment to innovation have earned us a certified Net Promoter Score in the top 1% of B2B companies globally
  • Industry analysts and press applaud Pure’s leadership across these dimensions
  • And, our 4,000+ employees are emboldened to make Pure a faster, stronger, smarter company as we go

If you, like us, say “bring it on” to exciting challenges that change the world, we have endless opportunities where you can make your mark.

THIS ROLE…

As a Cloud Security Architect and member of the Pure Security Office, you will utilize your strong technical competencies to provide the highest level of implementation capability and technical consultation to IT, product, and shared service engineering teams throughout Pure. 

You will lead and participate in design and requirement solutioning to heavily influence the future direction of our cloud security architecture and how we enable our cross-functional teams to deliver solutions collaboratively across highly skilled engineering teams. This is an activist role, not an “ivory tower” role. 

 

SHOULD YOU ACCEPT THIS CHALLENGE...

You will become intimately acquainted with how Pure runs its business and provides services to our customers leveraging cloud platforms and on-premise capabilities. You will lead and drive business requirements, technical architecture needs, security best practices, security reference architectures & patterns, and cloud security environment hardening. 

As an experienced engineer architect, our team will look to you to provide expertise and guidance for our cloud environments and how our products and services run securely within them. You are willing to dig into what does and does not work, then provide detailed responses and solutions with leading best practices. You will possess a thorough understanding of IT architecture, security principles, cloud hardening (AWS, Azure, GCP), designing solutions, networking, and implementation of these solutions and you must have significant experience in one or many cloud platforms. You will also be experienced in delivering large scale and complex solutions for projects utilizing all the mentioned offerings and will also be skilled in scripting to enable automation of these processes where appropriate to show others how things can be done. Again, this is an activist architect role. 

 

WHAT YOU WILL BE DOING...

  • Championing end-end security while exploring the various security and compliance standards our capabilities must meet;
  • Being the cloud security advocate for the Pure Security Organization working cross-functionally with other engineering and architecture teams;
  • Conducting and leading cloud threat modeling, educating teams on cloud security best practices, and ensuring the teams are following Pure's security policies and standards;
  • Proactively identify risks and threats, analyze possible effects of threats on Products and Services;
  • Providing secure design consultation where the cloud system architecture needs to be reviewed and help team(s) to design, develop and deploy a secure cloud architecture model;
  • Working with different teams for remediation of cloud security vulnerabilities, configurations, and secure alternative patterns;
  • Developing and executing cloud security roadmaps with a security first approach for other engineering and architecture teams to follow;
  • Contributing to the development, improvement and operational management of Security Operations, Monitoring and Incident Response practices, processes and solutions relative to our multi-cloud footprint;
  • Building up and maintaining capabilities to support privacy requirements for sensitive data in the cloud;
  • Working with leadership across all teams to provide support, guidance, and recommendations for compliance initiatives including SOC2, Health Insurance Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA) and associated federal and state privacy laws to support our product security teams;
  • Assisting in analysis of data, identifying non-conformance trends, generating concise executive summaries, and recommending design improvements;
  • Managing and executing cloud security solutions across lifecycle strategy, design, implementation and operations;
  • Participating, leading, and jointly delivering security evaluation reports on cloud providers (Azure, AWS, GCP), cloud native platforms (PCF, Docker, Kubernetes, etc.), and Software as a Service solutions;
  • Establishing security requirements for cloud-based solutions by evaluating business strategies and requirements; researching cloud infrastructure security standards such as ISO 27000 series, NIST CSF, and CSA;
  • Providing domain expertise in both public and private cloud and enterprise technology
  • Identifying and delivering appropriate controls based on industry standards (e.g. CCM) to drive cloud and customer security solutions framework based on business risk and cloud native threats;
  • Providing recommendations for improvement and risk reduction by assessing cloud security posture.

 

WHAT YOU BRING TO THE TEAM...

  • A Bachelor of Science Degree in Computer Science, Engineering; or equivalent work experience; a Graduate Degree is preferred;
  • Knowledge and understanding of key differences between most popular cloud provider solutions and cloud orchestration tools (e.g. Azure, AWS, GCP, Kubernetes, Docker, etc.);
  • Strong domain expertise of cloud infrastructure compute, network and storage as well as the cloud control plane;
  • Knowledge of virtualization, containers, service-mesh and enterprise service business;
  • Experience with structured Enterprise Architecture practices, hybrid cloud deployments, and on premise-to-cloud migration deployments;
  • Ability to identify and drive remediation of public and hybrid cloud risks;
  • Experience in designing, implementing and delivering security for cloud native, distributed computing and architectural solutions with a principle of “Secure by Design”;
  • 10+ years of overall technical experience is preferred;
  • 5-8 years as a SME / Solutions Architect / Engineer is preferred;
  • 5+ years of full-time dedicated experience leading Cloud Security focused roles on delivering security on cloud native, distributed architectural solutions in complex environments; 
  • 5+ years of experience in defining security standards and reference architectures used to guide technical resources in secure system implementation and configuration for enterprise cloud systems and consumption of public cloud;
  • Understanding of Industry trends in cloud technologies for public, private and hybrid cloud deployments;
  • A history of scoping services offerings including data migration, integration, operational readiness, business continuity and disaster recovery solutions for cloud platforms;
  • Understanding of automation solutions and orchestration platforms (CI/CD, DevSecOps) impacted by cloud platforms;
  • Experience in coordination and submission of winning proposals (RFQs, RFIs, RFPs), effective contract negotiations, appropriate/applicable interpretation of contract terms and conditions, issue identification and risk mitigation for new technologies or services;
  • Knowledge of encryption and tunneling protocol methods;
  • Good understanding of security software implementations and communication (SSL/TLS, HTTPS, PKI, Firewall, etc.);
  • Experience with common security scanning tools such as DTR, Twistlock, SonarQube, Snyk, ShiftLeft, Lacework;
  • Development experience in one of the following languages is a plus: Python or Go; 
  • Experience with security laws and frameworks such as SOC2, ISO 27001, HIPAA, HITRUST, FedRAMP, PCI-DSS, and others;
  • One or more technical security certifications is a plus:
    • CCSP – Certified Cloud Security Professional
    • CISSP – Certified Information Systems Security Professional
    • CSSLP – Certified Secure Software Lifecycle Professional
    • AWS Solution Architect Professional Certification
    • Microsoft Certified: Azure Solutions Architect Expert Certification
    • Google Professional Cloud Architect Certification

#LI-MB3

BE YOU—CORPORATE CLONES NEED NOT APPLY.

Pure is where you ask big questions, think differently, and make an impact. This is not just a job, but a place where you have a voice and can accelerate your career. We value unique thoughts and celebrate individuality, and with ample opportunity to learn, develop yourself, and expand into different roles, joining Pure is an investment in your career journey.

Through our Pure Equality program, which supports a flourishing field of employee resource groups, we nourish the personal and professional lives of our team members. And our Pure Good Foundation gives back to local and global communities through volunteering and grants.

And because we understand the value of bringing your full and best self to work, we offer a variety of perks to manage a healthy balance, including flexible time off, wellness resources, and company-sponsored team events.

PURE IS COMMITTED TO EQUALITY.

Research shows that in order to apply for a job, women feel they need to meet 100% of the criteria while men usually apply after meeting about 60%. Regardless of how you identify, if you believe you can do the job and are a good match, we encourage you to apply.

Pure is proud to be an equal opportunity and affirmative action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender, gender identity, gender expression, transgender status, sexual stereotypes, age, status as a protected veteran, status as an individual with a disability, or any other characteristic legally protected by the laws of the jurisdiction in which you are being considered for hire. 

If you need assistance or an accommodation due to a disability, you may contact us at TA-Ops@purestorage.com.

APPLICANT & CANDIDATE PERSONAL INFORMATION PRIVACY NOTICE.

If you're wondering how or why Pure collects or uses information you provide, we invite you to check out our Applicant & Candidate Personal Information Protection Notice.

DEEMED EXPORT LICENSE NOTICE.

Some positions may require a deemed export license for compliance with applicable laws and regulations. Please note: Pure does not currently sponsor deemed export license applications so we are unable to proceed with applicants requiring stated sponsorship.

PURE’S COMPLIANCE WITH THE U.S. GOVERNMENT COVID-19 MANDATE

In accordance with Pure’s policies, current and anticipated federal regulations, and our ongoing commitment to prioritizing the health and well-being of our employees, partners, and customers, and the community at large, where permitted by law, all Pure employees and contractors working in the United States are expected to be fully vaccinated against COVID-19 no later than January 18, 2022. Should you require an exemption for medical or religious reasons, you must initiate Pure’s exemption request process which will determine if an exemption can be granted in accordance with applicable local, state, and/or federal law.

Tags: Automation AWS Azure CCPA CCSP CI/CD CISSP Cloud Compliance Computer Science DevSecOps Docker Encryption FedRAMP Firewalls GCP GDPR HIPAA HITRUST Incident response ISO 27000 ISO 27001 Kubernetes Monitoring NIST PKI Privacy Product security Python R&D Scripting SOC 2 SonarQube Strategy TLS Twistlock Vulnerabilities

Perks/benefits: Career development Flex hours Flex vacation Health care Insurance Team events Wellness

Region: North America
Country: United States
Job stats:  11  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.