IT Security Architect
Posted Date: Mar- 3-2017
Job ID: 6699
Job Type: Full Time
Job Function: Information Technology
What's cool about this job
Do you have experience developing an IT Security vision that aligns with a corporate information security vision? Do you also enjoy working in a fast paced retail environment driven by the most advanced IT and business service delivery technologies? If you said yes to each of the questions above, then we have an opportunity for you. We are seeking a permanent full time position within our Information Technology.
As the IT Security and Risk Management Domain Architect, you will be accountable for ensuring REI’s IT systems and data are designed and implemented with the highest data security and privacy standards. You will play a critical role in defining REI’s technology security landscape, ensuring REI is appropriately postured to address advanced security threats, cloud migration, and workforce mobility.
This role partners closely with portfolio planning teams to shape solution architectures during the demand management/intake processes and take a leadership role for our Solution Architects that are responsible for delivering solutions defined by the IT Security Domain Architect. It is a critical architecture role in REI and part of REI’s Architecture and Information Security communities.
- Maintain current knowledge of emerging security threats and their applicability to REI’s environments
- Participate in cyber defense exercise development, planning and participation
- Manage IT Security Architecture Principles, Policies and Standards
- Manage IT Security Technology Roadmap
- Provide IT Security Architecture oversight as part of data governance committee(s) and programs partnering with Enterprise Information Architect, Legal, and Information Security.
- Security design reviews/assesses security implications for introduction of new or differing technologies
- Advocates and champions of Enterprise Architecture concerns to project teams managed by their domain’s project portfolio
Bring your passion and expertise
- Bachelor’s degree in Computer Science, Cybersecurity, or a related field or commensurate experience in Security Architecture
- Relevant IT architecture, information security or cloud security certifications are strongly preferred
- Strong understanding of IT, Information Security or business delivery frameworks, such as ISO 27001/27002, NIST Cybersecurity Framework 3.1 & 3.2, ITIL, PCI-DSS and COBIT
- Knowledge of Networking, Virtualization, Storage and Cloud Technologies including but not limited to secure implementation of: local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), wireless networks (Wi-Fi), switches, routers, firewalls, wireless access points and related security and network devices; Hypervisors, VMs and VDIs; Storage Area Networks (SAN), Network Attached Storage (NAS), CIFS, SMB and relevant security and replication technologies.
- Excellent understanding of cloud security and experience with design and/or implementation of applications in the cloud; Understanding of cloud deployment models: Private Cloud, Public Cloud, Hybrid Cloud; Cloud service models: Infrastructure as a service (IaaS), Platform as a service (PaaS) and Software as a service (SaaS); implementation of relevant controls to ensure Confidentiality, Integrity and Availability of REI data.
- Extensive knowledge of technical security controls and technologies (e.g. IDS, IPS, traditional, NextGen and Web Application Firewalls; Data Loss Prevention; Antivirus, Anti-malware and Zero Day technologies; Security Information and Event Management (SIEM); Access and Identify Management and Privileged User Management; Public Key Infrastructure and Certificate management).
- Security concepts related to threat management, authorization and authentication, perimeter security controls, and security lifecycle methods/frameworks (e.g. Microsoft SDL and BSIMM) with specific knowledge for securing PCI and PII data
- Ability to scope solution architectures to contribute to estimation activities
- Ability to coach and mentor Solution Architects
- Ability to build solution architecture models using UML
- Minimum of 8 years developing real world scaled solutions with knowledge of full application development lifecycle (SDLC) and methodologies; waterfall, agile and hybrid
Why you'll love it here
REI Information Technology is a team of creative and smart technologists who work in a collaborative environment to build business value through technology. And, we have the support of a great company to tackle some pretty dynamic challenges that will keep REI relevant for years to come. If you have a passion for the outdoors and want to be a part of innovating retail technology, this job is for you.
At REI we offer an enviable work environment that has been recognized on the "100 Best Companies to Work For" list since the award's inception – 20 years in a row! Sure, we work hard, but it’s balanced with time off to play—a strategy that works for us as we continue to grow and thrive. Want to enjoy a workplace where you can be yourself, be heard and be respected while having a job that challenges you? This is the place.
With more than 140 retail locations (and growing), REI offers unique competitive benefits to its more than 12,000 employees, including healthcare, gear and apparel discounts, free equipment rentals and challenge grants to help employees reach personal outdoor goals, generous retirement plan contributions, public transit subsidy, adoptions assistance, paid sabbaticals, and more.
REI is an Equal Opportunity Employer