Principal Security Architect
- Department: Information Security & Compliance
- Location: San Mateo, CA, USA
- Country: USA
Are you passionate about architecting security at the Enterprise level?
Do you have prior experience designing security platforms across a breadth of software environments, from the hybrid world of enterprise applications, SaaS solutions, and cloud services offered to both the corporate users and customers? Are you an expert in aligning architecture to enterprise security standards and industry best practices while ensuring that the architecture finds the balance between security, compliance and operational ease? We have the job for you. You will lead the security architecture as part of the Information Security team at Guidewire and work in a highly collaborative environment building next generation platform and services.
What you would do
· Reporting within the Information Security Services department, you will be responsible for the secure architecture of the enterprise, corporate and customer facing services.
· Develop technology roadmap, architecture and implement security and compliance for the Guidewire enterprise.
· Collaborate with cross-functional teams to architect various security controls and translate them for engineering implementation.
· Collaborate with Open Source communities, Product Development, Professional Services, Cloud Operations, and Business Technology and provide technical leadership to develop and maintain compliance.
· Evangelize security best practices across Guidewire.
· Create security metrics and work with the teams to achieve the same.
· Provide insight and recommendations on remediation strategies for security issues.
· Own security architecture and provide technical guidance to multiple teams.
· Ensure confidentiality, integrity, and availability within the design of architected solutions.
· Ensure High Availability (HA) and Disaster Recovery (DR) are designed as part of relevant system/services.
· Mentor others in security best practices.
What you would need to succeed
· Prior deep security experience and passion for building enterprise platforms and customer facing solutions.
· In-depth knowledge and experience in privacy engineering or security engineering
· Emphasize team wins over individual success.
· Strong technical communication skills.
· Proven track record of architecting secure, compliant, cost-effective, and highly available solutions.
· Proven track record of designing solutions with security in depth.
· 12+ years within Information Security Services designing, building, and maintaining secure, compliant, and cost-effective solutions.
· BS or MS degree (Computer Science or Math)
· Preferred: industry-based certifications such as CISSP, CISM, CISA, etc.
· Preferred, technical certifications from cloud providers or security tool providers.
- Design and develop security architectures for hybrid and multi-cloud based systems that comply with
- In-depth knowledge on containers, data security, network security, control plane security and governance. Deep experience with security in cloud environments around GDPR/CCPA, federated security models and secrets management
- Understand security practices around the SSDLC process and tool sets such as CI/CD, SAST, DAST, pen tests, etc.
- Understanding of relevant frameworks such as NIST, CIS, etc.
- Understanding of regulatory requirements and controls such as GDPR, SOX, SOC II, etc.
- Expertise in crypto standards, methods, and management
- Expertise in authentication protocols and authorization standards (e.g., SSL/TLS, SAML, OAuth, JWT, OPA)
- Expertise in Identity and Access Management practices, controls and tool sets.
- Experience in Security Operations practices, controls, and tool sets.
- Understand Microservice security architecture (AuthN, AuthZ architecture and user/service interaction model)
- Prior experience of building and securing large scale distributed systems on AWS, GCP, Azure, or On prem.
- Expertise in AWS infrastructure and concepts such as VPC, subnets, security groups, S3, RDS, EC2, Glacier, Lambda, IAM, security, encryption, DevOps, replication and disaster recovery
- Eager to learn new things and passionate about technology
- Prior experience handling multiple clusters and effectively managing multiple tenants in these clusters, providing good governance and isolation; able to explain the cloud security model to prospective clients
Guidewire is the platform P&C insurers trust to engage, innovate, and grow efficiently.
Guidewire combines core, data, digital, analytics, and AI to deliver our platform as a cloud service. 380 insurers, including the largest and most complex in the world, run on Guidewire.
As a partner to our customers, we continually evolve to enable their success. We are proud of our unparalleled implementation track record with 700+ successful projects, supported by the largest R&D team and partner ecosystem in the industry. Our marketplace provides hundreds of add-ons that accelerate integration, localization, and innovation.
Guidewire Software Inc. provides equal employment opportunities to all applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. All offers are contingent upon passing a criminal history and other background checks where it's applicable to the position.