Principal Security Architect

• Conduct Threat Modeling & Architectural Assessments to cover all Information Security domains to ensure Security by Design
• Assess technologies and solutions to develop and enrich security capabilities
• Identify security gaps and communicate associated business risks to relevant stakeholders
• Craft solutions that harmonize business needs with security and compliance requirements
• Verify the effectiveness of security controls in mitigating identified risks
• Assist engineering projects across the Software Development Life Cycle (SDLC) and collaborate to prioritize product security elements effectively
• Apply expertise in information security and application development to instigate organizational shifts aimed at managing and resolving security weaknesses and vulnerabilities
• Contribute to the creation of security policies, standards, and guidelines
• Devise and implement frameworks for data classification, retention, and disposal to ensure alignment with data privacy regulations
• Spearhead initiatives for data security awareness and training

• 7+ years of experience in Information Security with at least 2 years as a Security Architect
• Bachelor’s Degree in Computer Science or related field, or an additional 3 years of pertinent work involvement preferred
• Strong knowledge of prevalent security architectures, frameworks, standards and emerging threats along with strategies and technologies for defense
• Deep understanding of network protocols, operating systems, databases, applied cryptography, least privilege, zero trust principles, identity & access management, and other core information security concepts
• Expertise in cloud computing and its associated best security practices encompassing applications, infrastructure, storage, platforms, and data security
• Ability to conduct threat modeling and risk assessments
• Ability to come into our San Francisco, CA office once a week

CISSP certification