Director, Cybersecurity Architect at Alteryx, Inc.
Alteryx is revolutionizing data analytics by providing a complete end to end, self-service platform that allows users to get from business questions to business answers at incredible speeds. Why work for just any analytics company? At Alteryx, we are explorers, dreamers and innovators. We’re on a journey to build the best analytics platform in the world, but we can’t do it without people like you, leading the way. Forget the stereotypical tech companies of the past. Embrace the unconventional, exercise your imagination and help alter the future with Alteryx!
The Director, Cybersecurity Architect is responsible for demonstrating strong leadership qualities, a solid work ethic, a deep understanding of technology across all layers of the tech stack, a passion for security, and the ability to work in a fast-paced environment. The role requires a grasp of core security principles, practices, and a technical background working within multiple environments delivering security related products as well as ensures the performance of all duties in accordance with the company’s policies and procedures, all global laws and regulations, wherein the company operates.
Essential Duties & Responsibilities:
- Develops forward-thinking strategies to protect Alteryx’s data and digital technologies.
- Build a very close working relationship with key stakeholders in IT, DevOps, Engineering, and other teams to effectively communicate and drive critical cyber initiatives.
- Design, build and implement enterprise-class security systems for a production and non-production environments
- Align standards, frameworks and security with overall business and technology strategy
- Establish guidelines for effectively protecting network devices, server infrastructure components and user endpoints
- Establish standard operating procedures for computer network defense (CND) tasks and positions within the team
- Identify and communicate current and emerging security threats
- Design security architecture elements to mitigate threats as they emerge
- Builds core security capabilities and integrates them into the Cyber Defense Center (SOC)
- Create solutions that balance business requirements with information and cyber security requirements
- Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
- Use current programming language and technologies to writes code, complete programming and performs testing and debugging of applications, as appropriate
- Provide consultative support for users in implementation or conversion of systems
- Performs other duties and projects as assigned.
Standard Duties & Responsibilities:
- Security architecture, demonstrating solutions delivery, principles and emerging technologies - Designing and implementing security solutions. This includes continuous monitoring and making improvements to those solutions, working with an information security team.
- Consulting and engineering in the development and design of security best practices and implementation of solid security principles across the organization, to meet business goals along with customer and regulatory requirements.
- Security considerations of cloud computing: They include data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and DoS attacks.
- Identity and access management (IAM) – the framework of security policies and technologies that limit and track the access of those in an organization to sensitive technology resources.
- Exceptional communication skills with diverse audiences - Strong critical thinking and analytical skills
- Strong leadership, project, and team-building skills, including the ability to lead teams and drive projects and initiatives within multiple departments
- Demonstrated ability to identify risks associated with business processes, operations, information security programs and technology projects
- The ability to be the enterprise security subject matter expert who can explain technical topics to those without a technical background
- Treats people with respect; keeps commitments; inspires the trust of others; works ethically and with integrity; upholds organizational values; accepts responsibility for own actions.
- Demonstrates knowledge of and adherence to EEO policy; shows respect and sensitivity for cultural differences; educates others on the value of diversity; promotes working environment free of harassment of any type; builds a diverse workforce and supports affirmative action.
- Follows policies and procedures; completes tasks correctly and on time; supports the company’s goals and values.
- Performs the position safely, without endangering the health or safety of themselves or others and will be expected to report potentially unsafe conditions. The employee shall comply with occupational safety and health standards and all rules, regulations and orders issued pursuant to the OSHA Act of 1970, which are applicable to one’s own actions and conduct.
Essential Knowledge, Skills & Abilities:
- A strong knowledge of how to effectively architect, engineer, and operate security technologies across the stack. A deep working knowledge of attack techniques, the cyber kill chain, and vulnerability management methodologies. An understanding of the incident response lifecycle, including containment, eradication, and recovery.
- A strong technical background in public/privacy cloud, enterprise networking, firewall, storage options, server infrastructure, operating systems, database technologies, applications, and desktop security.
- A comprehension of security standards and frameworks, rules and regulations, and system trust principals, such as NIST, OWASP, SANS Top 20, PCI-DSS, SOX-404, CFPB, SSAE-18, and SOC2.
- The ability to discern patterns from large amounts of disparate information while remaining adaptable in rapidly changing situations and environments.
- Intermediate skills in computer terminal and personal computer operation; Microsoft Office applications including but not limited to: Word, Excel, PowerPoint and Outlook.
- Effective organizational and time management skills. Exceptional verbal, written and interpersonal communication skills. Ability to organize and prioritize work schedules on a short-term and long-term basis.
- Capability to provide consultation and expert advice to management. Ability to make decisions that have moderate impact on the immediate work unit and cross functional departments.
- Ability to make informal and formal presentations, inside and outside the organization; speaking before assigned team or other groups as needed.
- Ability to deal with complex challenges involving multiple facets and variables in non-standardized situations. Capability to work with little to no supervision while performing duties.
Education & Experience:
- Bachelor’s Degree in Information Technology, Mathematics, Business, or Engineering with a minimum of fifteen (15) + years’ progressive technical and information security leadership experience is preferred
- Minimum eight (8) + years of management experience leading and motivating cross-functional, interdisciplinary teams to achieve tactical and strategic goals required.
- Experience with information system technology including testing, auditing, risk analysis, and contingency planning required.
- Comprehensive understanding of Security Methodologies required.
- Possible certification requirements include: Certified Information Systems Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified Cloud Security Professional (CCSP), Amazon AWS Certified Cloud Practitioner (AWS-CCP), Amazon AWS Certified Solution Architect Associate (AWS-SAA)
- Experience working in a software development company preferred.
- 100% company-paid medical, dental, and vision for associates
- Health plans that cover your family and pets
- Company matched 401(k)
- Associate stock purchase plan
- Paid time off: 3 weeks’ vacation, 5 sick days, 9 holidays, 3 floating holidays, and 20 hours volunteer time
- 100% paid parental leave
- Tuition reimbursement
- Wellness programs with up to $300 fitness reimbursement annually
- Collaborative offices stocked with healthy snacks and drinks
- Office events, catered lunches, and happy hours