In this role you will be part of the global information security group reporting to the CISO of CyberArk.
The Information Security Architect will assess and research current and future information security processes and technologies, provide recommendations for improvement and ensure the implementation of controls that will effectively meet business goals and secure the entire CyberArk environment.
The Information Security Architect will lead and direct information security initiatives and projects to provide continuous improvement to CyberArk security operations and assurance activities. The role will support policy development and apply technical expertise to achieve business objectives, manage risks/threats, support compliance, and manage access in order to protect CyberArk information resources.
Responsibilities: Provide security architecture design and guidance for securing the corporate environments, end-user devices and related infrastructure. Define and implement security systems configuration, policies and hardening guidelines. Define and maintain a secured configuration and cloud monitoring tools for CyberArk XaaS solutions. Ensure systems are patched, updated and audited according to the Vulnerability and Patch Management Policy. Administer security-related infrastructure and applications, such as intrusion detection/prevention systems, EDR systems, firewalls, and vulnerability scanners. Ensure high performances of SLA and handle security tickets as part of InfoSec on ongoing service and support. Project management and implementations as needed. Create and maintain documentation (e.g. technical or procedural) as needed.
At least 5 years experience in cyber security: At least 5 years as a security engineer/ architect Experience in creating a technology roadmap Led large scale IT security projects Experience in cloud security (Azure and/or AWS Apps, SaaS platforms such as SalesForce). Experienced in B2B, B2C, API management information security design and solutions – a plus Experience in hardening and virtualization systems, with strong technical understanding of operating system. Experience in network architecture and firewalls design and review. Very good understanding of security industry standards and best practices. Experience in CyberArk products is a plus. Experience in vulnerability scanners (preferably Nessus) and as a minimum basic understanding of common vulnerabilities, including OWASP Top10. A team player with a good interpersonal communication skills and an ability to work well with others.
Certifications (a plus): CISSP (Certified Information Security System Professional) Other relevant Information Security certifications.