Security Architect IRC266462

Description

We are looking for an IT SAAS Security engineer to support our growing company’s security needs and SaaS administration. This is a hybrid role that combines technical administration and security compliance functions. You will serve as the primary Security compliance engineer for our SaaS and on-premises tools, ensuring smooth day-to-day tool security operations.

#LI-TM4
#LI-Remote

Requirements

Experience & Skills:

• Experience with SaaS administration, ideally with multiple platforms (e.g., Box, o365, Okta, EntraID, Intune, etc.).
• Familiarity with security compliance frameworks (SOC 2, ISO 27001, NIST, etc.) and responding to security questionnaires.
• Basic understanding of disaster recovery, backup systems, and incident response practices.
• Good understanding of class of risks in order to assess priorities and execution order
• Strong organizational skills and ability to manage multiple tasks with minimal supervision.

Technical Knowledge:

• Proficiency in usage monitoring / review of cloud-based SaaS applications.
• Basic understanding of on-premises server tools and network configurations.
• Knowledge of backup and DR software.

Qualifications:

• Bachelor’s degree in Computer Science, Information Security, or a related field.
• Minimum of 5-7 years of experience as a Security Architect or in a similar role focused on application and infrastructure security
• Strong understanding of security principles, best practices, and frameworks (e.g., OWASP, NIST, CSA)
• Proven experience in designing and reviewing secure architectures for complex distributed systems and cloud-based platforms (Azure experience strongly preferred)
• Experience with threat modeling methodologies (e.g., STRIDE, PASTA)
• Solid understanding of Kubernetes or other container orchestration platforms and their security considerations
• Knowledge of API security best practices and common attack vectors
• Experience with data security and privacy principles
• Familiarity with security considerations specific to AI/ML systems is highly desirable
• Excellent communication, collaboration, and interpersonal skills
• Ability to explain complex security concepts to both technical and non-technical audiences.
• Relevant security certifications (e.g., CISSP, CSSLP, CCSP) are a plus.

Job responsibilities

• Security Architecture and Design: Develop and maintain the overall security architecture for the AI platform, ensuring alignment with industry best practices, regulatory requirements, and our company’s security policies.
• Design Reviews: Conduct thorough security reviews of system designs, architectures, and deployment plans for all components of the AI platform, including microservices, data pipelines, AI/ML models, APIs, and infrastructure-as-code.
• Threat Modeling: Lead threat modeling exercises to identify potential security vulnerabilities and risks in the platform’s architecture and propose effective mitigation strategies.
• Security Standards and Guidelines: Define and document security standards, guidelines, and best practices for development, deployment, and configuration of platform components.
• Component Security Review: Evaluate the security of third-party components, libraries, and services integrated into the platform.
• Cloud Security: Ensure secure configuration and deployment of the platform within our cloud environment, adhering to cloud security best practices and leveraging native security services.
• API Security: Define and review security measures for all internal and external APIs, including authentication, authorization, input validation, and rate limiting.
• Data Security: Collaborate with data engineering teams to ensure the secure handling, storage, and processing of sensitive data, including customer intellectual property, in compliance with relevant data privacy regulations.
• AI/ML Security: Stay abreast of emerging security threats and best practices specific to AI/ML systems, including prompt injection, adversarial attacks, and model security, and incorporate these into the platform’s security architecture.
• Collaboration and Guidance: Work closely with development, engineering, and infrastructure teams to provide security guidance, address security concerns, and ensure secure implementation of platform components.
• Security Documentation: Create and maintain clear and comprehensive security documentation, including architecture diagrams, design specifications, and security guidelines.
• Compliance Support: Assist with security compliance efforts by providing architectural guidance and ensuring that the platform’s design meets relevant security standards and regulations.

What we offer

Culture of caring. At GlobalLogic, we prioritize a culture of caring. Across every region and department, at every level, we consistently put people first. From day one, you’ll experience an inclusive culture of acceptance and belonging, where you’ll have the chance to build meaningful connections with collaborative teammates, supportive managers, and compassionate leaders. 

Learning and development. We are committed to your continuous learning and development. You’ll learn and grow daily in an environment with many opportunities to try new things, sharpen your skills, and advance your career at GlobalLogic. With our Career Navigator tool as just one example, GlobalLogic offers a rich array of programs, training curricula, and hands-on opportunities to grow personally and professionally.

Interesting & meaningful work. GlobalLogic is known for engineering impact for and with clients around the world. As part of our team, you’ll have the chance to work on projects that matter. Each is a unique opportunity to engage your curiosity and creative problem-solving skills as you help clients reimagine what’s possible and bring new solutions to market. In the process, you’ll have the privilege of working on some of the most cutting-edge and impactful solutions shaping the world today.

Balance and flexibility. We believe in the importance of balance and flexibility. With many functional career areas, roles, and work arrangements, you can explore ways of achieving the perfect balance between your work and life. Your life extends beyond the office, and we always do our best to help you integrate and balance the best of work and life, having fun along the way!

High-trust organization. We are a high-trust organization where integrity is key. By joining GlobalLogic, you’re placing your trust in a safe, reliable, and ethical global company. Integrity and trust are a cornerstone of our value proposition to our employees and clients. You will find truthfulness, candor, and integrity in everything we do.

About GlobalLogic

GlobalLogic, a Hitachi Group Company, is a trusted digital engineering partner to the world’s largest and most forward-thinking companies. Since 2000, we’ve been at the forefront of the digital revolution – helping create some of the most innovative and widely used digital products and experiences. Today we continue to collaborate with clients in transforming businesses and redefining industries through intelligent products, platforms, and services.