Sr Cloud Software Security Architect (US Remote)

Motorola Solutions - Salt Lake City, UT

posted about 2 months ago

Full-time - Mid Level
Remote - Salt Lake City, UT
Computer and Electronic Product Manufacturing

About the position

The Compliance & Security Architect at Motorola Solutions is responsible for ensuring the compliance and security of the cloud platform and products. This role involves leading the organization through maturity and compliance with security frameworks, collaborating with Data Privacy teams, and representing the cloud platform team in external audits. The architect will develop technical requirements, create architecture diagrams, and guide product development teams in implementing security methods that comply with industry standards.

Responsibilities

  • Develop and own the technical requirements needed to implement the NIST Cybersecurity framework, while following industry best practices and benchmarks like OWASP, CIS, and DoD.
  • Create architecture diagrams, a tech inventory, security methods, and solutions that align with standard cloud security principles, such as the 'well architected framework' of Azure and AWS.
  • Ensure security is built into the cloud platform from the ground up, including secure architecture, design, coding, and vulnerability management.
  • Create comprehensive documentation for security implementations across the system, including Kubernetes cluster security, FIPS-compliant cryptography, authentication/encryption methods, and network architecture.
  • Guide product development teams on application and use of risk analysis techniques and procedures.
  • Collaborate with Product Managers and Engineering Teams to implement security methods and technologies that comply with NIST 800-53.
  • Perform technical gap analysis (including threat and risk assessments) and prioritize security and compliance work with Product Management and Risk Owners.
  • Act as the technical expert in achieving maturity, compliance, and accreditation to security frameworks like ISO 2700x, FedRAMP, CJIS, Canada CCCS, and Australia IRAP.
  • Maintain up-to-date documentation (technical requirements, architecture/design diagrams, technical methodologies) and required evidence repositories, asset registers, security risk registers, and business continuity plans.
  • Participate in site-level management reviews.

Requirements

  • Experience with US security policies, frameworks, and standards such as CJIS, FedRAMP, etc.
  • Knowledge of emerging cybersecurity trends and new technologies.
  • Proven track record of implementing NIST 800-53 cybersecurity framework or Center of Internet Security controls by authoring security requirements within a product development cycle.
  • Proven experience in creating architecture diagrams, security requirements, and technical solution papers at various levels of detail.
  • Strong articulation and communication skills in writing and verbally, especially in conducting technical presentations to diverse audiences.
  • Experience with cryptographic solutions for integrity, non-repudiation, and confidentiality.
  • Practical experience with Public Key Infrastructure is highly desired.
  • Knowledge of Authentication and Authorization technologies and protocols for both interactive users and service connections.
  • Experience performing security analysis to identify gaps against security compliance standards.
  • Excellent interpersonal skills and the ability to work effectively with team members to solve complex problems.
  • Experience with security management tools to automate security processes and procedures, such as POA&M, is highly desirable.
  • Knowledge of key cloud architectures and cloud security best practices.
  • Experience with AWS, Microsoft Azure, and Google cloud platform, particularly with their security methodologies and toolsets, is highly desired.
  • Experience with microservices and microservice orchestration technologies is highly desired.

Nice-to-haves

  • Experience with security management tools to automate security processes and procedures, such as POA&M.
  • Practical experience with Public Key Infrastructure.
  • Experience with microservices and microservice orchestration technologies.

Benefits

  • Incentive Bonus Plans
  • Medical, Dental, Vision benefits
  • 401K with Company Match
  • 10 Paid Holidays
  • Generous Paid Time Off Packages
  • Employee Stock Purchase Plan
  • Paid Parental & Family Leave

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service