Adventure's around the corner...
Principal Security Architect- US Remote
- Department Information Security & Compliance
- Location United States - Birmingham, AL
- Design and develop security architectures infrastructure cloud (i.e. AWS, Azure, GCP, etc…) and SaaS applications (Salesforce, Workday, Oracle Financials, etc…)
- In-depth knowledge on containers, data security, network security, control plane security and governance. Deep experience with security in cloud environments around GDPR/CCPA, federated security models and secrets management
- Understand security practices around the SSDLC process and tool sets such as CI/CD, SAST, DAST, pen tests, etc.
- Understand of relevant frameworks such as NIST, CIS, etc…
- Understanding for regulatory requirements and controls such as GDPR, SOX, SOC II, etc…
- Thorough understanding of enterprise architectures and security control relevance.
- Expertise in crypto standards, methods, and management
- Expertise in authentication protocols and authorization standards e.g SSL/TLS, SAML, OAuth, JWT, OPA)
- Expertise in Identity and Access Management practices, controls and tool sets.
- Experience in Security Operations practices, controls, and tools sets.
- Understand Microservice security architecture (AuthN, AuthZ architecture and user/service interaction model)
- Prior experience of building and securing large scale distributed systems on AWS, GCP, Azure, or On prem.
- Expertise in AWS infrastructure and concepts such as VPC, subnets, security groups, S3, RDS, EC2, Glacier, Lambda, IAM, security, encryption, DevOps, replication and disaster recovery
- Eager to learn new things and passionate about technology
- Prior experience handling multiple clusters and effectively managing multiple tenants in these clusters providing good governance and isolation, explain to prospective clients the cloud security model
What you would do
- Reporting within the Information Security Services department, you will be responsible for the secure architecture of the enterprise, corporate and customer facing services.
- Collaborate and align with the Business Technology area to provide security architecture direction by producing diagrams, roadmaps, and strategies for the various security controls that protect our infrastructure.
- Develop technology roadmap, architecture and implement security and compliance for the Guidewire enterprise with the Enterprise Architecture team.
- Maintain the Information Security capabilities map in coordination with the Enterprise Architecture team.
- Collaborate with DevSecOps on CICD pipeline tools and to ensure security controls are applied as necessary to the ever changing environment.
- Collaborate with Open Source communities, Product Development, Professional Services, Cloud Operations, and Business Technology and provide technical leadership to develop and maintain compliance.
- Evangelize security best practices across Guidewire.
- Create security metrics and work with the teams to achieve the same.
- Provide insight and recommendations on remediation strategies for security issues.
- Own security architecture and provide technical guidance to multiple teams.
- Ensure confidentiality, integrity, and availability within the design of architected solution.
- Ensure High Availability (HA) and Disaster Recovery (DR) are designed as part of relevant system/services.
Guidewire is the platform P&C insurers trust to engage, innovate, and grow efficiently.
The perks. The rewards. The good stuff.
We’re proud to shout about our awesome benefits packages. Holistic wellness is a big deal for us. We offer everything you need to support your work and, most importantly, your work-life balance. We’re committed to helping you be the best version of yourself. Inside and outside of work.
Receive market-competitive pay and incentive programs—because you deserve it! To help future-proof your income, we offer generous support through retirement savings plans.
HEALTH AND WELLNESS
Keep your physical and emotional health in tip-top shape with health insurance for you and your family, an employee assistance program, annual wellness reimbursement, and access to wellness resources.
Work in an environment where you’ll have the freedom and trust to make an impact, with time for your life outside of work.
Relax and kick back through our generous paid time-off programs. Make a difference in your community with three volunteer days each year. Take your own personal day of rest with My Day. We also offer 16 weeks of paid leave for all new parents.
We encourage self-directed learning, giving you every chance to become a better version of yourself, both professionally and personally. At Guidewire, lifelong learning is here for the taking.
Your career opportunities are only limited by your own imagination. Guidewire’s community is filled with chances to expand your horizons across any of our teams or worldwide locations.