Master Security Architect

Master Security Architect

We are the Hitachi Vantara Cybersecurity team, and we are passionate advocates of information security! Cybersecurity has the primary responsibility for safeguarding the confidentiality, integrity, and availability of data, systems, and information in the enterprise. We ensure that corporate systems are secure, and we make sure that the products and services that we deliver to customers are designed to be trustworthy and hardened. We are out-of-the-box thinkers, innovators, and team players. We constantly seek new and better ways of doing things. We need highly motivated individuals to join our dynamic team who have positive attitudes and want to be part of something special.

The role
o Working with Hitachi Vantara engineering teams and customers to ensure products meet US Government security requirements.
• Evaluate the posture and compliance of security offerings (i.e. product or services) based upon internal/external criteria (e.g., standards, checklist, scanning tools, etc.), perform gap analysis, and report/brief the findings
• Hardening Hitachi Vantara product and service offerings
o Assisting the process of achieving and maintaining ATOs for both traditional and Fedramp based solutions.
o Drafting, reviewing, and maintaining documents like System Security Plans (SSPs), Contingency Plans, and Plans of Action and Milestones (POA&Ms)
o Providing security guidance and define requirements for Hitachi Vantara’s internal systems, customer-facing services, and products
o Be a master of identifying security design gaps in existing and proposed product and service architectures and recommend changes or enhancements
o Collaborate with the other leaders of Hitachi Vantara including sales, product security and engineering

What you’ll bring
o Minimum 10 years of security architecture and/or engineering experience including a solid technical foundation in security and compliance.
o Advanced technical capabilities in a wide array of platforms and systems (e.g., Linux, Windows, VMWare, SQL, etc.).
o Familiar with industry and government security standards and baselines such as the DISA STIGs, CIS benchmarks, NIST 800-53, NIST Risk Management Framework, FIPS 140-2/3, the NIST Cybersecurity Framework and NIST 800-171.
o Experience with Fedramp approval process and securing solutions deployed to public and private clouds, including AWS, Azure or GCP.
o In-depth knowledge of risk assessments, network security, cryptography, authentication, secure systems development, and authorization.
o Strong understanding of application security patterns including web application security (OWASP top 10, XSS, injection vulnerabilities, CSRF, platform security hardening), and mobile security (device fingerprinting, mobile authentication and key exchange) strategies.
o Familiar with IAM federated identity strategies - SAML, OAuth, and OIDC protocols
o Ability to facilitate meetings with strong presentation skills and ability to quickly discern differing points of view versus derailing points of view
o Strong/expert level understanding of trends in the industry for information security policy, audit, compliance, and risk management
o Certifications Desired: CISSP, CSA, Security.

About us

We’re a global team of innovators. Together, we harness engineering excellence and passion for insight to co-create meaningful solutions to complex challenges. We turn organizations into data-driven leaders that can a make positive impact on their industries and society. If you believe that innovation can inspire the future, this is the place to fulfil your purpose and achieve your potential.

#LI-CB1

Championing diversity, equity, and inclusion

Diversity, equity, and inclusion (DEI) are integral to our culture and identity. Diverse thinking, a commitment to allyship, and a culture of empowerment help us achieve powerful results. We want you to be you, with all the ideas, lived experience, and fresh perspective that brings. We support your uniqueness and encourage people from all backgrounds to apply and realize their full potential as part of our team.

How we look after you

We want to help you take care of your today and tomorrow – at home and at work. Which is why we offer industry-leading benefits that go far beyond compensation. That means support, services, and resources that also take care of your holistic health and wellbeing. We’re always looking for new ways of working that bring out our best, which leads to unexpected ideas. Here, you’ll experience a sense of belonging, and discover autonomy, freedom, and ownership as you work alongside talented people you enjoy sharing knowledge with. We’re also champions of life balance and offer flexible arrangements that work for you (role and location dependent).

We’re proud to say we’re an equal opportunity employer and welcome all applicants for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran, age, disability status or any other protected characteristic. Should you need reasonable accommodations during the recruitment process, please let us know so that we can do our best to set you up for success.