Principal Cloud Security Architect

Key Skills

.NET, AWS, Azure, Google Cloud Platform (GCP), Java Programming, JavaScript, Python Programming, REST API, RESTful, Streaming APIs

Job Description

Primary Tasks and Responsibilities:

• Perform security architecture design as well as secure code reviews, ensuring compliance with Company and industry standards
• Develop cloud native secure architectural reference documents to ensure internal and third-party services are deployed in adherence with cyber security controls and industry best practices
• Advocate for the implementation of security solutions throughout Truveta, ensuring emerging technology and open-source products can be easily integrated into current security tools
• Advance Company security posture, leading the effort to ensure a modern cloud native approach to enable the achievement of organizational goals and objectives
• Thorough comprehension of Truveta’s cloud native infrastructure and capable of recommending enhancements to ensure current technology enables adherence to the security controls defined in policies and SOPs
• Knowledgeable of public key infrastructure best practices to ensure digital certificates are effectively and securely managed throughout their lifecycle
• Be a single point of contact for Product and Engineering team members, helping design internal applications that adhere to modern cyber security control framework and industry best practices
• Collaborate with Product and Engineering to drive the secure deployment of third-party applications and services
• Assist in the creation of key performance indicators (KPI) that enable stakeholders to understand security control gaps in current deployments
• Establish disaster recovery procedures and, in collaboration with security operations, conduct incident and disaster recovery tabletop exercises
• Remain current with the latest cyber security trends, standards, authentication protocols, and products

Key Qualifications:

• 7+ years of coding experience building production quality software in a team setting is a must.
• Strong experience with serverless RESTful APIs to support API-driven services for system-to-system usageThe knowledge, skills and abilities typically acquired through the completion of a bachelor's degree program or equivalent degree in a field of study related to Computer Science, Information Security, and Information Systems
• 7+ years of experience across multiple cyber security disciplines and technical expertise in secure SDLC
• Deep understanding of current application security technologies (e.g., OWASP, container security tools, DAST, SAST, SCA, web application pen tests, WAF security, API security)
• Strong working knowledge of current IT risks and security implementations, including infrastructure and application security solutions
• Able to interact with all levels of the Company, including a wide range of people from different backgrounds and with differing technical acumen
• Mentor and guide peers, cultivating a sense of security awareness on-the-job security training

Preferred Qualifications

• Experience in performing detailed technical architecture assessments to identify gaps or potential threat-vectors
• Experience with .NET, Python, Java, and JavaScript development are a plus
• Certifications in Information Security, e.g., GSEC, GISP, CISSP, CISM, CRISC, CISA, or other security relevant accreditations
• Experience in delivering product security in one or more public clouds (Azure, AWS, GCP)
• Experience in securely operating highly distributed systems with published SLAs
• Experience with supporting engineering compliance, e.g., HIPAA, ISO, SOC2

Why Truveta?

Be a part of building something special. Now is the perfect time to join Truveta. We have strong, established leadership with decades of success. We are well-funded. We are building a culture that prioritizes people and their passions across personal, professional, and everything in between. Join us as we build an amazing company together.

We Offer:

• Interesting and meaningful work for every career stage
• Great benefits package
• Comprehensive benefits with strong medical, dental and vision insurance plans
• 401K plan
• Professional development & training opportunities for continuous learning
• Work/life autonomy via flexible work hours and flexible paid time off
• Generous parental leave
• Regular team activities (virtual and in-person as soon as we are able)
• The base pay for this position is $231,000 to $278,500. The pay range reflects the minimum and maximum target. Pay is based on several factors including location and may vary depending on job-related knowledge, skills, and experience. Certain roles are eligible for additional compensation such as incentive pay and stock options.