Are you data-driven? We at NetApp believe in the transformative power of data – to expand customer touchpoints, to foster greater innovation, and to optimize operations. We are designed for simplicity, optimized to protect, created to embrace future opportunity, and open to enrich choice. We are the data authority for hybrid cloud, and we are helping our customers realize the full potential of their data.
We’ve built a Data Fabric for a data-driven world – to simplify and integrate data management across the resources that are best for the business. With the Data Fabric, our customers can harness the power of cloud data services, build cloud infrastructures, and modernize storage through data management.
By harnessing the power of hybrid cloud data services, customers gain the freedom of choice to securely manage and move data – anywhere, on any cloud. Only NetApp can help organizations deliver data-rich customer experiences when they rapidly test and deploy new applications that easily use data and services regardless of where they reside or in what form.
As a Security Architect in the Cloud Data Services Business Unit (CDSBU) architect team you will act as the lead subject matter expert for overall security of the product and associated solutions and compliance towards security assurance standards for the entire Business Unit. You will apply your broad and expert knowledge in security best practices, Cloud Security architectures, designs, policies, and control standards to ensure compliance with security policies, guidelines, standards, controls, and governance. Define the lifecycle of security related artifacts and oversee their distribution. Act as the point of contact for coordinating Secure Development Lifecycle adoption across the Business Unit by collaborating with Product Security team. Collaborate with teams internal to the CDSBU as well as the greater NetApp organization including the office of the Chief Information Security Office (CISO) to ensure CDBSU architectures and operations adhere to NetApp security best practices. Work directly with cloud service providers to interlock on and ensure compliant implementation of security related integration points. Maintain awareness of revisions to existing security and compliance standards and communicate them as necessary to ensure NetApp Cloud Data Services maintains adherence to current security standards. Share CDBSU cloud security vision with key stakeholders by organizing discussions and formal presentations. Participate in working groups of subject matter experts for definition and review of security standards, guidelines, principles, governance and controls. Actively participates with the CDSBU roadmap steering committee to advise on security issues in relation to deployment of new service features.
-Define security models to align service frameworks with security standards
-Architect the solutions by adhering to security best practices and to comply with security standards
-Identify design gaps in existing and proposed architectures and provide recommendations for resolution
-Adjust existing models to accommodate new service features maintaining security standards
-Work closely with cloud service providers to align security models and adopt CSP defined security best practices and security hardening procedures baked into our solutions
-Ensure adherence to standard regulatory and compliance requirements by reviewing regular 3rd party security audits and penetration testing
-Produce, maintain and oversee the correct distribution, review and approval of security related artifacts
-Participate in security architecture and design reviews associated with product solutions from cloud business unit
-Propose and Improve security metrics through process automation and testing
-Designs, develops, and implements new security technologies as necessary to support NetApp cloud services
-Contributes to defining time tables and project plans
-Assists in the definition of milestones and progress tracking
-Defines, publishes and maintains processes for security governance (i.e. compliance to principles, guidelines and standards)
-Coordinates the monitoring of the life cycle of specific security assets Identifies, understands and documents extensions to, and variants from, security and architecture standards
This position can be based anywhere in the U.S.
-8+ years of demonstrated information security, risk management & compliance experience
-4+ years Cloud Security Architect experience with AWS, Azure, or other public cloud
-BS or MS in Electrical Engineering or Information Technology or Computer Science, plus
-Must have two or more of the following cloud security certifications: CCSK - Certificate of Cloud Security Knowledge (CSAA), CCSP - Certified Cloud Security Professional (ISC2), Cloud+ (CompTIA), AWS Certified Solutions Architect (Amazon), Google Certified Professional Cloud Architect (Google), Professional Cloud Security Manager (EXIN), CISCS - Certified Integrator Secure Cloud Services (EXIN).
-Two or more non-cloud related security certifications preferred - CISSP, CISM, CISA, SANS GIAC, CGEIT, CRISC, GSEC, ITL
-Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development (Application Security), data protection, cryptography, key management, identity and access management (IAM), network security) within SaaS, IaaS, PaaS, and other cloud environments.
-Demonstrated and hands-on experience with creating automated workflows and experienced working with DevOps and Software Development teams.
-Thorough knowledge on security scan test tools including SAST, DAST, Fuzzing, Pentest and Vulnerability.
-Skilled at interpreting compliance and security standards into implementable and repeatable controls
-Thorough understanding of industry regulatory and compliance requirements (i.e., FedRAMP, PCI-DSS, NIST, HIPAA) and evaluation/assessment process
-Demonstrated capability to design secure systems on public / hybrid cloud as well as secure solutions for data in transit
-Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc.)
- CEH certification a plus
Typically requires a minimum of 12 years of related experience with a Bachelor’s degree; or 8 years and a Master’s degree; or a PhD with 5 years experience; or equivalent experience.
So get ready to tap into the data visionary within, and join us as we accelerate digital transformation and empower our customers to change the world with data!
If you ask a NetApp employee why they work here, the answer is inevitably the same: the people. At NetApp, our culture is at the heart of what we do. We place importance in trust, integrity, teamwork, and caring above all else. NetApp is a place where people are empowered to make a difference. Empowered to innovate. Empowered to collaborate. Empowered to help ourselves and others be data-driven and change the world. We take care of each other, our customers, our partners, and our communities simply because it’s the right thing to do.
We work hard but also recognize the importance of work-life balance for our employees because what’s important to them is important to us! Recently we implemented Family First, which encourages employees to take paid time off to bond with a new child (through birth or adoption) or to care for a family member with a serious health condition. Our volunteer time off program is best in class, offering employees 40 hours of paid time off per year to donate their time with their favorite organizations. We provide comprehensive medical, dental, wellness and vision plans for you and your family. We offer educational assistance, legal services, and access to discounts and fitness centers. We also offer financial savings programs to help you plan for your future.