
Senior Security Architect
Mars
full-time
Location Type: Hybrid
Location: New York City • Colorado, Illinois, New York • 🇺🇸 United States
Salary
💰 $143,000 - $195,000 per year
Job Level
Senior
Tech Stack
AWS, Azure, Cloud, Cyber Security, Google Cloud Platform
About the role
- Define, design, and maintain enterprise-grade security architecture patterns, reference models and blueprints that align to Mars and SDx security standards and practices.
- Architect secure solutions across multi-cloud, hybrid and on-premises environments.
- Work with our Product Security Engineers, Cloud and Development teams to embed security controls into our DevSecOps pipelines, micro-services, APIs and other components of SDx solutions.
- Lead and facilitate threat modeling sessions with our Product Security Engineers and Cloud Development teams using methods such as STRIDE, DREAD or MITRE ATT&CK to ensure adversarial and attack-route analysis is built into our models.
- Identify architectural risks and propose mitigation strategies early in the design lifecycle as well as performing retroactive security architecture reviews for existing solutions.
- Partner with enterprise architects, cloud engineers, and DevOps teams to enforce security best practices.
- Contribute to security policies, standards and guidelines aligning with business needs, Mars and any regulatory requirements.
- Serve as a trusted security advisor to product engineering and infrastructure teams.
- Support product security reviews, architecture discussions and secure design validation with our Product Security Engineers and Cloud Development teams.
- Work with Mars Global Digital Operations (GDO) teams to explore, adapt and incorporate solutions into the SDx environment.
- Collaborate with Mars Risk Management, Vendor Cyber Risk Management, and other teams to ensure that risks identified are properly reported and managed through remediation.
- Serve as the SA subject matter expert and coordinate with our GRC Specialist for the implementation of SDx cybersecurity governance to enforce policies, procedures, and standards, following SDx and Mars business requirements and security best practices.
- Collaborate with critical teams including infrastructure, development, R&D, and Mars GDO to ensure alignment with Mars strategies.
- Collaborate with other teams to achieve efficiencies while building a secure environment that integrates validated technology stack components.
- Provide security architecture support in the design, implementation, and maintenance of solutions in an agile manner to improve efficiency and reduce errors or disruptions across SDx.
- Work with our R&D and IT departments to apply threat modeling and/or adversarial approaches to ensure customer-facing technologies and products are secure and updated to best security practices in security architecture.
Requirements
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Engineering, or related field.
- Master’s degree is a plus, but not essential.
- Knowledge applying Cloud and DevSecOps Security Architecture principles for Zero-trust.
- Security Architecture design and review expertise in API security such as OAuth 2, OpenID Connect, mTLS, API gateways, among others.
- Threat modeling and secure design reviews, and integrating them into a DevSecOps pipeline.
- Pen testing and red teaming knowledge, specifically privilege escalation paths and incident management as well as threat modeling, attack-route analysis, application testing and vulnerability management related to security architecture designs.
- Experience communicating complex security concepts effectively (technical, non-technical and executive level audiences).
- Relevant certifications such as CISSP, GIAC Defensible Security Architecture, CISA or Security+.
- Cloud security architecture or related certifications in Azure, AWS or GCP are preferred.
- Experience in regulated industries (finance, healthcare, manufacturing, etc.) applying regulatory requirements and/or security frameworks.
- Experience in a laboratory setting, veterinary clinics, healthcare or related systems.
- Strong problem-solving and analytical mindset.
- Hands-on background in DevSecOps, secure coding, and penetration testing.
- Experience applying Identity Governance & Administration (IGA).
Benefits
- Paid Time Off & Holidays
- Medical, Dental, Vision (Multiple Plans Available)
- Basic Life (Company Paid) & Supplemental Life
- Short and Long Term Disability (Company Paid)
- Flexible Spending Accounts/Health Savings Accounts
- Paid Parental Leave
- 401(k) with company match
- Tuition/Continuing Education Reimbursement
- Life Assistance Program
- Pet Care Discounts
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
security architecture, cloud security, DevSecOps, threat modeling, API security, penetration testing, vulnerability management, incident management, secure coding, identity governance
Soft skills
problem-solving, analytical mindset, communication
Certifications
CISSP, GIAC Defensible Security Architecture, CISA, Security+, Azure certifications, AWS certifications, GCP certifications