DIRECTOR, SECURITY ARCHITECTURE - 60207

Does ensuring the security of a massive cloud platform get your mind racing? Are you passionate about designing secure architectures and improving the resilience of cloud services?   At Acquia our PaaS and SaaS services span over 9,000 AWS EC2 instances and power some of the world's most popular web sites.  Join us and lead our security architecture group.

Summary:

Acquia is looking for an expert, passionate Director of Security Architecture to be responsible for reviewing and designing the security of all Acquia's products in collaboration with Acquia's engineering, operations and corporate security teams.  You think like a hacker would, anticipating the moves and tactics that hackers would use to try and gain unauthorized access to Acquia systems. You stay current on the latest developments that security field both to protect cloud-based products and also how they can be exploited.   

Responsibilities:

• Analyze and interpret business and security requirements and translate them into architectures and specific technology requirements.  Recommend and prototype possible implementations.
• Develop presentations and diagrams to communicate the current state of our security and future security design requirements.  Clearly articulate risks for technical and non- technical stakeholders
• Drive security requirements through designing and building prototypes, ensuring architecture sign offs, delivering design documents and standards, and creating user stories
• Collaborate with Engineering to improve secure development practices and related tools
• Establish a trusted risk advisor role with peers and stakeholders in Engineering, QA, Operations, and IT
• Evaluate, implement, and support security-focused tools and services
• Develop key indicators of malicious activities and ensure mitigation and detection measures are designed and built into our services
• Review security findings and actively participate in significant security events
• Maintain strong knowledge of common security vulnerabilities, attack vectors, attack methods, and remediation techniques
• Recruit and lead a small team of security engineers that will be embedded as needed in engineering and operations teams to help meet security requirements.

Desired Skills and Experience

• Expert knowledge of secure application architectures, encryption technologies, cryptography and key management, authentication
• 7+ years experience practicing secure software development and architecture, preferably in an agile environment.
• At least 2 years experience in cloud security architecture and in SaaS services including APIs.
• Experience leading code reviews, pen-tests, or similar projects
• Experience deploying and using a wide selection of open source and commercial security development and testing tools such as code scanners, fuzzing, using proxies in security testing, etc.
• Knowledge of a broad range of attack vectors and exploits
• Results driven, creative, professional, persistent, quality oriented, and self-motivated work style.
• Excellent technical documentation skills
• Computer Science Degree or equivalent  

This position reports to the SVP of engineering.

#LI-SY1