Principal Cybersecurity Architect – Cloud & Network

Location: Work is what you do, not where you go. For this role, we are open to remote work (anywhere in US or Canada)

About the opportunity

Ceridian is seeking a Cybersecurity Architect Principal (Cloud / Network Security) to join our global Cybersecurity organization. This role is responsible for designing global network & cloud security design solutions.

As a Cybersecurity Architect, you will provide technical leadership, direction, & oversight to deliver timely effective security solutions, capabilities, and tools across the enterprise, to include cloud workloads. This technical role is critical to aligning strategy and execution to increase cybersecurity maturity and to anticipate future requirements for complex traditional, hybrid, and multi-cloud environments.

What you’ll get to do

• Architect, design, and implement global enterprise network security architecture, connectivity, and security capabilities for public, private, and hybrid environments
• Develop and maintain a security reference architecture to ensure optimization and prevention of duplicate controls in the enterprise
• Design cloud networking zero trust segmentation models in multi-cloud environment
• Provide active technical leadership by leading the technical execution of large-scale projects with project managers & Engineering teams
• Develop and maintain security standards & patterns and participate in Architecture Review Board (ARB)
• Conduct threat modeling to identify, communicate, and understand threats and mitigations within the context of protecting enterprise infrastructure and applications
• In collaboration with project team provide regular updates on all projects and be proactive with communication to all parties on timelines and concerns
• Provide technical leadership and support not only to cybersecurity team members, but also to infrastructure, engineering, development, and business teams
• In close partnership with Engineering, document design to ensure a smooth transition to daily operational support
• Occasionally provide off hours support of new implementations, migrations, or large-scale changes

What’s in it for you

• Encouragement to be the best version of yourself at and away from work:

• • YOUnity diversity and inclusion programs
  • Amazing time away from work programs
• Support for your total well-being through our Live Well, Work Well programs targeting all aspects of your life
• Recognition for your contributions through excellent pay, perks, and rewards
• Giving where you’re living: volunteer days, Ceridian sponsored events, and our very own charity, Ceridian Cares
• Opportunities to fuel your career growth through numerous internal and external programs and events

Skills and experience we value

• 10+ years’ hands-on experience designing, implementing, and operating complex multi-vendor, multi-cloud enterprise networks
• 10+ years’ experience in a network engineering function providing core network services for public, private, and hybrid environments
• In depth knowledge of cloud computing environments including software-, infrastructure-, and platform-as-a-service, as well as public, private, and hybrid environments.
• In depth knowledge in designing cloud zero trust networking segmentation in multi-cloud environments
• In depth knowledge of automating network infrastructure using Infrastructure-as-code (IaC) templates and third-party network security appliances
• In depth knowledge and hands-on experience with multi-cloud connectivity, modern & legacy data center networks, as well as WAN architecture
• Hands-on experience in cloud networking technologies and multi-cloud connectivity (VPCs, Transit Gateways, NSGs, VNets, Virtual Hub, Load Balancers, etc.)
• Experience in secure cloud architecture including containers, SDN, HA, serverless compute
• Experience in modern remote access technologies (SSE, SASE)
• Experience with Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP) tools
• Strong understanding of DNS, DHCP and IAM
• Working knowledge of application development practices, CI/CD pipelines, & shift left best practices
• Working knowledge in Azure / AWS Public Cloud, Cloud Native Design, Microservice Architecture, and Containerization
• Working knowledge of DevOps, IAC (Terraform/ARM), source code management tools (Azure DevOps), pipeline deployments, cloud native logging, cloud secrets management
• Working knowledge of compliance requirements such as NIST 800-171 and cloud security benchmarks
• Comfortable working with scripting languages such as PowerShell, Python, JavaScript, Bash
• Excellent verbal and written communication skills needed to communicate complex problems to both technical and executive audiences as well as influence the decision-making process.
• Experience working effectively in virtual environment where key team members and partners are in various global time zones
• Industry certifications, such as:

• • Azure / AWS security and/or networking specialty certifications (strongly preferred)
  • Certified Cloud Security Professional (CCSP)
  • Certified Information Systems Security Professional (CISSP)

• Bachelor’s degree is a plus #LI-REMOTE