Report this Job
POSITION SUMMARY:
The IT Cloud Security Architect, Data Science has significant responsibilities related to securing Client's Data Science environment, Databricks. Their primary focus to serve as the lead security resource on Client's Databricks deployment project to ensure all security risk is properly addressed. The architect will coordinate with other IT Risk Management leads to deploy and integrate their domain specific tooling, will take primary ownership of security and compliance workstreams, and will champion security-minded
approaches in Data Science functional discussions with application technical and functional teams.
REQUIREMENTS FOR CONSIDERATION:
Proven experience securing a Databricks data science platform with a GCP Big Query backend(link removed)>
Strong Experience in applying industry standard cyber security frameworks and vendor blueprints to business problems
5+ years development experience with solid programming abilities including Powershell, Python, YAML, WebService API's.
5+ years of progressive career experience focusing on GCP Cloud Security and Application Security Architecture
Bachelor's degree in Computer Science, a related field, or applicable work experience
Excellent technical and non-technical documentation skills including security standards, policies, guidelines, and procedures, change documentation, enterprise end-user communications, technical knowledge articles, infrastructure diagrams, and process charts.
Deeply articulate in security risks associated with SaaS services, their integration with legacy on-premise systems, and commonly associated security solutions.
Infosec certifications such as ISC2 (CISSP or CCSP) or ISACA (i.e.: CRISC, CISA, CISM, etc)
Technical infosec certifications such as Google Certified Security Engineer, Google Certified Professional Cloud Architect
Experience performing enterprise security risk assessments, selecting appropriate technical controls, liaising with business partners through the project lifecycle, and complete risk-acceptance handling of residual risks.
Proven ability to design, document, and implement reusable security patterns.
Experience in designing data protection and privacy-centric security controls in enterprise data-warehouses including ingestion, ETL, storage, analytical consumption, and reporting.
Experience with integrating code scanning for vulnerabilities into CI/CD pipelines for Cloud Native deployments
Experience with AD group structuring.
Strong leadership skills in accountability and customer focus
Proactive and able to catch issues before failures
Experience interacting with business users and vendors including vendor management
Excellent communication skills; feels comfortable working with non-technical business partners
Work with production support and project consultants in an onshore / offshore model
Flexibility of providing support during odd hours, weekends, and peak seasons
Minimal travel required (training/conferences).
CORE JOB RESPONSIBILITIES:
Application Support: Develops procedures and documentation for applications support. Manages application enhancements to improve business performance. Advises on application security, licensing, upgrades, backups, and disaster recovery needs. Ensures that all requests for support are dealt with according to set standards and procedures.
Business Process Improvement: Analyzes business processes; evaluates alternative solutions, assesses feasibility, and recommends new approaches, typically seeking to exploit technology components. Evaluates the financial, cultural, technological, organizational and environmental factors which must be addressed in the change program. Develops business requirements for the implementation of significant changes in organizational mission, business functions and process, organizational roles and responsibilities, and scope or nature of service delivery.
Information Management: Ensures that the business processes and information required to support the organization are defined and devises appropriate standards, processes and data architectures. Evaluates the impact of any relevant statutory, internal or external regulations on the organization's use of information and develops strategies for compliance.
Problem Management: Ensures that appropriate action is taken to anticipate, investigate and resolve problems in systems and services. Ensures that such problems are fully documented within the relevant reporting system(s). Leads the development of problem solutions. Coordinates the implementation of agreed remedies and preventative measures. Evaluates patterns and trends.
Relationship Management: Facilitates open communication and discussion between stakeholders, acting as a single point of contact by developing, maintaining and working to stakeholder engagement strategies and plans. Negotiates with stakeholders at senior levels and ensures that organizational policy and strategies are adhered to. Uses feedback from customers and stakeholders to help measure effectiveness of stakeholder management. Contributes to the development and enhancement of customer and stakeholder relationships.
ADDITIONAL RESPONSIBILITIES:
Partner with technical and non-technical team members to assess security risk in business solutions, across varied systems and landscapes. Recommend, develop, deploy, and monitor appropriate mitigating controls. Document and socialize residual risk.
Collaborate with cloud experts and cloud novices to implement the Databricks platform in a security minded manner
Identify analytical points of interest in raw data exports from security tooling and infrastructure systems, merging with other data sources, and build repeatable reports and automated threat response.
Develop and deploy automated solutions to monitor, alert, and remediate security and compliance findings in public cloud infrastructure and deployed code.
Inherent Technologies
