Security Architect

| Greater Boulder Area

Are you data-driven?  We at NetApp believe in the transformative power of data – to expand customer touchpoints, to foster greater innovation, and to optimize operations.  We are designed for simplicity, optimized to protect, created to embrace future opportunity, and open to enrich choice.  We are the data authority for hybrid cloud, and we are helping our customers realize the full potential of their data.

We’ve built a Data Fabric for a data-driven world – to simplify and integrate data management across the resources that are best for the business.  With the Data Fabric, our customers can harness the power of cloud data services, build cloud infrastructures, and modernize storage through data management.

By harnessing the power of hybrid cloud data services, customers gain the freedom of choice to securely manage and move data – anywhere, on any cloud. Only NetApp can help organizations deliver data-rich customer experiences when they rapidly test and deploy new applications that easily use data and services regardless of where they reside or in what form.

Job Summary

As a Security Architect in the Cloud Data Services Business Unit (CDSBU) architect team you will act as the lead subject matter expert for overall security of the product and associated solutions and compliance towards security assurance standards for the entire Business Unit. You will apply your broad and expert knowledge in security best practices, Cloud Security architectures, designs, policies, and control standards to ensure compliance with security policies, guidelines, standards, controls, and governance. Define the lifecycle of security related artifacts and oversee their distribution. Act as the point of contact for coordinating Secure Development Lifecycle adoption across the Business Unit by collaborating with Product Security team. Collaborate with teams internal to the CDSBU as well as the greater NetApp organization including the office of the Chief Information Security Office (CISO) to ensure CDBSU architectures and operations adhere to NetApp security best practices. Work directly with cloud service providers to interlock on and ensure compliant implementation of security related integration points.  Maintain awareness of revisions to existing security and compliance standards and communicate them as necessary to ensure NetApp Cloud Data Services maintains adherence to current security standards. Share CDBSU cloud security vision with key stakeholders by organizing discussions and formal presentations. Participate in working groups of subject matter experts for definition and review of security standards, guidelines, principles, governance and controls.  Actively participates with the CDSBU roadmap steering committee to advise on security issues in relation to deployment of new service features. 

Key Responsibilities

-Define security models to align service frameworks with security standards

-Architect the solutions by adhering to security best practices and to comply with security standards

-Identify design gaps in existing and proposed architectures and provide recommendations for resolution

-Adjust existing models to accommodate new service features maintaining security standards

-Work closely with cloud service providers to align security models and adopt CSP defined security best practices and security hardening procedures baked into our solutions

-Ensure adherence to standard regulatory and compliance requirements by reviewing regular 3rd party security audits and penetration testing

-Produce, maintain and oversee the correct distribution, review and approval of security related artifacts

-Participate in security architecture and design reviews associated with product solutions from cloud business unit

-Propose and Improve security metrics through process automation and testing

-Designs, develops, and implements new security technologies as necessary to support NetApp cloud services

-Contributes to defining time tables and project plans

-Assists in the definition of milestones and progress tracking

-Defines, publishes and maintains processes for security governance (i.e. compliance to principles, guidelines and standards)

-Coordinates the monitoring of the life cycle of specific security assets Identifies, understands and documents extensions to, and variants from, security and architecture standards

 

This position can be based anywhere in the U.S.

Job Requirements

-8+ years of demonstrated information security, risk management & compliance experience

-4+ years Cloud Security Architect experience with AWS, Azure, or other public cloud

-BS or MS in Electrical Engineering or Information Technology or Computer Science, plus

-Must have two or more of the following cloud security certifications: CCSK - Certificate of Cloud Security Knowledge (CSAA), CCSP - Certified Cloud Security Professional (ISC2), Cloud+ (CompTIA), AWS Certified Solutions Architect (Amazon), Google Certified Professional Cloud Architect (Google), Professional Cloud Security Manager (EXIN), CISCS - Certified Integrator Secure Cloud Services (EXIN).

-Two or more non-cloud related security certifications preferred - CISSP, CISM, CISA, SANS GIAC, CGEIT, CRISC, GSEC, ITL

-Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development (Application Security), data protection, cryptography, key management, identity and access management (IAM), network security) within SaaS, IaaS, PaaS, and other cloud environments.

-Demonstrated and hands-on experience with creating automated workflows and experienced working with DevOps and Software Development teams.

-Thorough knowledge on security scan test tools including SAST, DAST, Fuzzing, Pentest and Vulnerability.

-Skilled at interpreting compliance and security standards into implementable and repeatable controls

-Thorough understanding of industry regulatory and compliance requirements (i.e., FedRAMP, PCI-DSS, NIST, HIPAA) and evaluation/assessment process

-Demonstrated capability to design secure systems on public / hybrid cloud as well as secure solutions for data in transit

-Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc.)

- CEH certification a plus

Education

Typically requires a minimum of 12 years of related experience with a Bachelor’s degree; or 8 years and a Master’s degree; or a PhD with 5 years experience; or equivalent experience.

So get ready to tap into the data visionary within, and join us as we accelerate digital transformation and empower our customers to change the world with data!

If you ask a NetApp employee why they work here, the answer is inevitably the same: the people. At NetApp, our culture is at the heart of what we do. We place importance in trust, integrity, teamwork, and caring above all else. NetApp is a place where people are empowered to make a difference. Empowered to innovate. Empowered to collaborate. Empowered to help ourselves and others be data-driven and change the world. We take care of each other, our customers, our partners, and our communities simply because it’s the right thing to do.

We work hard but also recognize the importance of work-life balance for our employees because what’s important to them is important to us!  Recently we implemented Family First, which encourages employees to take paid time off to bond with a new child (through birth or adoption) or to care for a family member with a serious health condition.  Our volunteer time off program is best in class, offering employees 40 hours of paid time off per year to donate their time with their favorite organizations.  We provide comprehensive medical, dental, wellness and vision plans for you and your family.  We offer educational assistance, legal services, and access to discounts and fitness centers. We also offer financial savings programs to help you plan for your future.  

Read Full Job Description

Technology we use

  • Engineering
    • C++Languages
    • JavaLanguages
    • JavascriptLanguages
    • PerlLanguages
    • PythonLanguages

Location

We have a beautiful Boulder office, with amazing Flatiron views, on the vibrant downtown Pearl Street.

An Insider's view of NetApp

What’s the vibe like in the office?

Our office vibe is one of excitement. On one hand, there is always work to be done and a new project or product to be working on which helps keep the office thriving. On the other hand, we have a lot of fun! Whether it is over a surprise mini golf course in the office for April Fool’s Day, or a happy hour in the breakroom. We work hard & play hard.

Kayte

Workplace Resources Manager

How do you collaborate with other teams in the company?

I've always been a fan of walking around and socializing. I've worked with many of the people here at previous companies, so knowing so many people makes it easy to grab a lunch, find out what other teams are up to. We also put on a hackathon and encourage working with people from other groups. I talk to everyone!

Dave

Senior Performance Engineer

How does the company support your career growth?

NetApp is very proactive in providing the opportunity to investigate, apply for & interview for, other openings within the company. Furthermore, the opportunity to work on various technologies comes often enough I feel like my skills are always up to date with current technology trends.

Kenton

Tech Lead – Solutions Quality Interoperability Testing

What unique initiatives do you have that encourage innovation?

Def hackathons! Lot of good initiatives have come out of these. We are also starting a couple of initiatives. One is centered around connecting our engineers with our customers so that they can help bring the perspective as we are solving complex problems. We are also looking at connecting passion to the opportunity.

Tina

Sr. Engineering Manager, Cloud Infrastructure

How do you empower your team to be more creative?

I try to focus on leading by objectives. Then give them freedom to do the work as they see fit. If I can respond to a request for advice, I’m there. If I can make a suggestion for a problem they surface, I’m glad to do that, but how they do their job rests with them.

Kevin

Engineering Manager

What are NetApp Perks + Benefits

NetApp Benefits Overview

We work hard but also recognize the importance of work-life balance for our employees because what’s important to them is important to us! Recently we implemented Family First, which encourages employees to take paid time off to bond with a new child (through birth or adoption) or to care for a family member with a serious health condition.

Culture
Volunteer in local community
Partners with Nonprofits
Friends outside of work
Eat lunch together
Open door policy
Team owned deliverables
Group brainstorming sessions
Open office floor plan
Diversity
Dedicated Diversity/Inclusion Staff
Highly diverse management team
Unconscious bias training
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Dental Benefits
Vision Benefits
Health Insurance Benefits
NetApp offers competitive, comprehensive medical plans that enable you to get healthy and stay healthy.
Life Insurance
Basic Life and Accidental Death and Dismemberment (AD&D) insurance is provided by NetApp through MetLife at no cost to you. Both programs cover two times your pay, with a maximum of $1.5 million.
Pet Insurance
VPI Pet Insurance helps you save money on your pet’s health care. This is a voluntary benefit, which means you pay the full cost of coverage, but can take advantage of group discounts etc.
Wellness Programs
Your wellbeing journey begins with MyCompass. Powered by Jiff, is your digital sidekick, allowing you to choose your own adventure in achieving total physical, emotional and financial wellness.
Retirement & Stock Options Benefits
401(K)
Opportunity to contribute through convenient paycheck contributions— including pretax contributions or Roth after-tax contributions.
401(K) Matching
Company match of 100% on the first 2% of pay you contribute, then 50% on the next 4% of pay you contribute (up to a maximum of $6,000 per calendar year). Immediate vesting on NetApp’s matching.
Employee Stock Purchase Plan
Become a part owner of NetApp by buying NetApp stock through convenient payroll deductions.
Child Care & Parental Leave Benefits
Flexible Work Schedule
Family Medical Leave
Family First NetApp is here for you when you need to care for the important people in your life. Our Family First program allows you to spend time with your family when it matters the most.
Vacation & Time Off Benefits
Paid Volunteer Time
Our volunteer time off program is best in class, offering employees 40 hours of paid time off per year to donate their time with their favorite organizations.
Paid Holidays
NetApp offers all employees paid time off to observe all major holidays.
Paid Sick Days
Accumulate up to 10 days of sick time each year to recover from illness or injury or to attend to the illness of a sick child, parent or spouse.
Perks & Discounts
Casual Dress
Commuter Benefits
Company Outings
Game Room
Stocked Kitchen
Some Meals Provided
Pet Friendly
Professional Development Benefits
Job Training & Conferences
Tuition Reimbursement
Diversity Program

Additional Perks + Benefits

We offer our employees a balance in a casual, yet fast-paced work environment. Standing desks, multiple monitors, customized workstations. Work-Life Programs - Time Off, Volunteer Time Off, Employee Assistance Program, Educational Assistance, Prepaid Legal Plan.

More Jobs at NetApp37 open jobs
All Jobs
Data + Analytics
Dev + Engineer
Internships
Marketing
Operations
Product
Project Mgmt
Sales
Developer
new
Boulder
Developer
new
Boulder
Product
new
Boulder
Developer
new
Boulder
Developer
new
Boulder
Developer
new
Boulder
Product
new
Boulder
Developer
new
Boulder
Operations
new
Boulder
Operations
new
Boulder
Developer
new
Boulder
Data + Analytics
new
Boulder
Developer
new
Boulder
Project Mgmt
new
Boulder
Developer
new
Boulder
Developer
new
Boulder
Developer
new
Boulder
Internships
new
Boulder
Internships
new
Boulder
Sales
new
Boulder
Developer
new
Boulder
Project Mgmt
new
Boulder
Developer
new
Boulder
Operations
new
Boulder