Create and maintain security architecture and engineering processes and procedures
Design system architectures which meet established cybersecurity requirements and align with customer needs, including security requirements definition, documentation, and communication
Develop security architecture requirements and implementation guidance based on analysis of NIST 800-53 and/or other security control frameworks
Architect, design, implement, maintain, and operate information system security controls and countermeasures
Provide techniques and patterns for securing integration with external security system vendors and/or cloud providers
Lead regular architecture and design reviews to ensure requirements implementation
Evaluate and play an active role in life-cycle management of multiple security technologies
Identify security risks and control gaps within systems, designs, products, data flows, and processes; recommend corrective architecture, integrations, controls, and operations
Participate in development of security requirements, architectures, and documentation to ensure security controls are integrated into new technology deployments
Perform secure architecture and design reviews of new technology and security systems deployments and collaborate with business teams to integrate secure-by-design principles into CI/CD pipelines and Agile development processes
Maintain a clear view of the overall security architecture roadmap and strategic plan
Leverage emerging technologies and advanced security practices to ensure EverCommerce is at the forefront of security for solution groups and customers
Build, maintain and mature security architecture metrics and reporting
Serve as a subject matter expert/contributor measurably improving the overall security framework and program
Mentor junior security engineers and analysts
Additional duties as required and assigned
Requirements
At least 7 years of relevant work experience in a technical field (e.g. cybersecurity, software development, or systems administration)
Bachelor's Degree in a technical discipline such as Cyber Security, Information Technology, Computer Science, or Information Systems - or equivalent professional experience
Hold at least one current industry-recognized security certification (CISSP, CISM, CISA, GIAC) or commensurate experience
Excellent communication and interpersonal skills, with the ability to communicate and collaborate effectively with cross-functional teams, matrixed organizations, and technical and non-technical stakeholders
Demonstrated experience with the security, development and/or management of systems compliant to NIST 800-53, NIST CSF, or ISO 27001-2022 security control frameworks
Exceptional knowledge and understanding of creating, implementing, and securing cloud technologies such as AWS and Azure
Knowledge of Information Security risk assessment methodologies and standards
Highly flexible, self-motivated and eager to learn, with a strong passion for cyber security
Excellent verbal and written English communication skills
Must be eligible to work without sponsorship in the United States
May require travel to Corporate Headquarters in Denver, Colorado, or to other office locations around North America
Preferred:
Advanced knowledge regarding common attacks, attack methods, and defense architectures
Experience in securing multi-tenant compute services, microservices and modern APIs
Working knowledge of common web and container-based vulnerabilities
Experience with Information Security policies and procedure development and implementation
Experience developing technical documentation, including reports, proposals, statements of work, and whitepapers
Benefits
Continued investment in your professional development
Day 1 access to a robust health and wellness benefits package, including an annual wellness stipend
401k with up to a 4% match and immediate vesting
Flexible and generous (FTO) time-off
Employee Stock Purchase Program
Annual bonus opportunity in most US locations