Associate Director, Cloud Security Architect

About the job

Best Buy Enterprise Risk & Compliance teams are working in a hybrid work model. Most roles can predominantly work from home but the person who fills this role will must be within a commutable distance to Richfield, MN, Seattle, WA, Atlanta, GA, or Boston, MA

The Associate Director, Cloud Security Architect will assist digital and technology teams in architecting applications and infrastructure solutions in Amazon Web Services, Google Cloud, and Microsoft Azure. They should be an architect with a customer focused mindset that is excited to collaborate with application teams that are migrating their applications from Best Buy’s data center to the cloud. The architect will create and update security policies, standards, and guidelines for cloud technologies and create secure patterns for application migrations to cloud services and infrastructure.

This role is part of the Chief Information Security Officer (CISO) organization within Best Buy’s Enterprise Risk and Compliance organization. This is an individual contributor associate director level role.

Key Responsibilities

• Create and update security policies, standards, and guidelines
• Provide architecture support for a complex multi-cloud environment consisting of Amazon Web Services (Primary), Good Cloud Platform, and Microsoft Azure
• Define and advocate for what ‘good’ looks like Best Buy cloud environments
• Create secure patterns to simplify secure application migrations to cloud environments
• Recommend controls in cloud environments that meet compliance requirements (PCI, HIPAA, HITRUST, SOX)
• Assist technology and security teams evaluate new services, technologies, and solutions
• Collaborate with business and technology teams to identify cloud solutions and overcome cloud migration challenges
• Design controls and processes that embeds and enforces secure configurations
• Foster an environment of inclusion and diversity where team members and colleagues can bring their full experience and ideas forward

Minimum Qualifications:

• 7+ years of work experience in technology engineering, architecture, and design
• 5+ years of work experience in Identity and Access Management (IAM) technology
• 2+ years of work experience in cloud architecture and design
• Strong understanding of cloud and cloud-native technology with specific understanding of how security risks manifest in these environments

Preferred Qualifications:

• Knowledge of common cryptographic controls and patterns
• Knowledge of common continuous integration and continuous deployment patterns and security configuration management
• Knowledge of tools and techniques used by attackers to gain unauthorized access to systems
• An understanding on how application-layer vulnerabilities affect cloud infrastructure
• Hands-on experience with some of the following technology:
  • Cloud native security tools (GCP Security Command Center, Azure Security Center, AWS Guard Duty)
  • Docker and Kubernetes
  • Industry relevant certifications or trainings
  • Previous Experience with Cloud Security Posture Management Tools