Listing Description

Information Security continues to be an integral part of business operations at Allworth.  Reporting to the Information Security Manager, the Security Architect plays a key role in helping Allworth protect our technology assets and physical space from malicious attacks coming from both outside and inside the organization.   We are seeking an experienced Security Architect to lead the development of information security architecture and ensure technology initiatives are implemented within the framework to make Allworth’s cloud environments more secure. This role is accountable for developing security architecture and securing enterprise information by identifying network and application security requirements, implementing and testing security controls and procedures. Ideal candidates will have experience in all aspects of Azure security including designing security controls and threat protection, analyzing, and creating a solid identity and access management structure, and defining security policies, using Azure technologies.

This position can be based near one of our mail office hubs-  Sacramento, Dallas or Cincinnati, or be full time remote from most US locations.  The pay for the role will be $130-145K plus annual bonus potential up to 10%.  We also offer full time benefits such as health insurance, dental, vision, life, 401k with match, PTO, holiday pay.  

DUTIES AND RESPONSIBILITIES:

• Designing security services in cloud-based programs based on pre-defined architecture frameworks and risk appropriate controls.


• Maintain and improve the security posture of the Allworth computing environment by defining security controls and policies and monitor alerts to ensure that data, apps, containers, infrastructure, and networks.


• Design access configurations within a cloud solution environment using the defense-in-depth principle.


• Collaborate with stakeholders to understand their business requirements and develop security solutions that meet their needs.


• Collaborate with IT Infrastructure in the crafting and implementation of security policies.


• Create and maintain documentation for architectural designs, processes, and policies.


• Perform review and take corrective remediation actions, including patching and configuration changes, for any vulnerabilities or other security defects identified.


• Maintain comprehensive technical knowledge of cloud software and infrastructure platforms.


• Develop auditing methodologies and architecture to manage and protect data in cloud computing environments.


• Identify and implement new security technologies and best practices into Allworth computing environments.

QUALIFICATIONS:

The person we are looking for combines the qualities of a good communicator and an expert in the domains of Cyber Security. The more boxes you can tick in the list below, the closer you match the ideal profile we are looking for.

• Strong oral and written communications skills that demonstrate a professional demeanor and the ability to interact with a variety of cross-functional roles with occasional executive presence.


• Should be highly credible with demonstrable ability to solve business problems -Passion for customers, learning, having proven ability to be client focused.


• Hands-on experience in Microsoft security and identity technologies, such as Azure Active Directory, Microsoft Defender, Azure Security Center, Azure Sentinel, and Microsoft 365 Security & Compliance technologies.


• Knowledge of Cybersecurity concepts and mitigation practices, such as Advanced Persistent Threat (APT), Credential Theft, Zero Trust, Privileged Access Management, Just-in-time Administration, etc.


• Knowledge of Azure compute platforms (Azure Kubernetes Service (AKS), Azure Container Apps, Container Instances, Azure Container Registry, Azure Virtual Machines, Azure Virtual Machine Scale Sets).


• Experience with Azure-native Resilience (e.g., VM Availability Sets / Zones, Paired Regions, Storage Geo-Replication) and knowledge of Cloud Disaster Recovery methods


• Hands on experience with Azure Cloud Security Monitoring, Azure Active Directory, Azure Sentinel, Azure Policy, Azure firewall/WAF/Network Security groups


• Experience with Azure Networking services (e.g., VNETs, Load Balancers, Front Door, ExpressRoute, Traffic Manager, Content Delivery Network)


• Experience with PowerShell, Python, or other scripting languages


• Strong understanding of cloud architecture patterns, such as microservices, server less, and hybrid cloud


• Certifications: Azure Security Engineer, Azure Solution Architect, Azure Cybersecurity Architect, CompTIA Security+, or SANS certification are preferred. Also, industry certifications are considered as beneficial e.g., CISSP, CSSP, CCSK, GIAC, CEH …

The above statements are intended to describe the general nature and level of work being performed by people assigned to this job.  Typical reporting relationships are described, but actual relationships may vary in some instances.  This job description is not intended to be an exhaustive list of all responsibilities, duties, skills, or knowledge required of personnel classified in this job.