Security Architect
Vertafore is a leading technology company whose innovative software solution are advancing the insurance industry. Our suite of products provides solutions to our customers that help them better manage their business, boost their productivity and efficiencies, and lower costs while strengthening relationships.
Our mission is to move InsurTech forward by putting people at the heart of the industry. We are leading the way with product innovation, technology partnerships, and focusing on customer success.
Our fast-paced and collaborative environment inspires us to create, think, and challenge each other in ways that make our solutions and our teams better.
We are headquartered in Denver, Colorado, with offices across the U.S., Canada, and India.
Core Responsibilities
· Design, build and implement enterprise-class security systems in our production environment
· Align standards, frameworks and security with overall business and technology strategy
· Identify and communicate current and emerging security threats
· Design product security architecture elements to mitigate threats as they emerge
· Create software solutions that balance business requirements with information and cyber security requirements
· Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
· Use current programming language and technologies to write code, complete programming and performs testing and debugging of applications
· Train developers in implementation or conversion of systems
Skills and competencies
Key technical skills include five or more years' experience in:
- Proficiency with two or more of the common programming languages.
- Software Security architecture, demonstrating solutions delivery, principles and emerging technologies - Designing and implementing security solutions. This includes continuous monitoring and making improvements to those solutions, working with an information security team.
- Consulting and engineering in the development and design of security best practices and implementation of solid security principles across the organization, to meet business goals along with customer and regulatory requirements.
- Security considerations of cloud computing: They include data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and DoS attacks.
- Identity and access management (IAM) – the framework of security policies and technologies that limit and track the access of those in an organization to sensitive technology resources.
General skills include:
- Exceptional communication skills with diverse audiences - Strong critical thinking and analytical skills
- Ability to explain highly technical concepts and processes to a non-technical audience.
- Strong leadership, project and team-building skills, including the ability to mentor developers to help build a strong security culture
- Demonstrated ability to identify risks associated with business processes, operations, information security programs and technology projects
- The ability to be the software security subject matter expert
Preference will be given to candidates with one or more certifications from the list below:
· Certified Secure Software Lifecycle Professional (CSSLP)
· Certified Application Security Engineer (CASE)
· Information Systems Security Architecture Professional (ISSAP)
· Information Systems Security Engineering Professional (ISSEP)
· AWS Certified Solutions Architect – Professional
· AWS Certified Security
· AWS Certified Advanced Networking
· AWS Certified SysOps Administrator