Cloud Security Architect

Advance Auto Parts is looking for a Cloud Security Architect to join our team in Raleigh, NC. The Cloud Security Architect leads the design and development of innovative security architectures for protecting cloud workloads and data deployed into different types of cloud and cloud/hybrid systems. This position contributes to the overall enterprise cloud architecture and leads the security vision and strategy around cloud-based applications across all types (including Infrastructure, Platform and Software as a Service (IaaS/PaaS/SaaS). The Cloud Security Architect will serve as the central point of contact for Corporate Information Security and other technology teams within Advance Auto Parts for all matters related to cloud security.

NOTE: OPEN TO REMOTE WORK WITHIN THE U.S.A

ESSENTIAL DUTIES AND RESPONSIBILITIES include the following. Other duties may be assigned.

• Architecting solutions within Microsoft Azure, Amazon Web Services (AWS) and, preferably, other cloud Providers.
• Assessment, development, implementation, operationalization, and documentation of a comprehensive set of security technologies and processes (Secure software development [application security], data protection, cryptography, key management, identity and access management (IAM), network security, within SaaS, IaaS, PaaS, and other cloud environments.
• Federation and Single Sign On services.
• Common and industry standard cloud-native / cloud-friendly authentication mechanisms (SAML, OAuth, OpenID, etc.).
• Service-oriented architecture for cloud-based services.
• Cloud security and governance tools, cloud access security brokers (CASBs) and server virtualization technologies.
• Cloud security posture compliance management.
• Enterprise application architectures and best practices.
• Possess a firm understanding of the offerings within both Amazon Web Services (AWS) and Microsoft Azure platforms.
• Based upon business requirements, design cloud-native architectures and patterns that will allow those requirements to be met with a minimal degree of risk to AAP and with appropriate security controls.
• Acts as the technical representative for Corporate Information Security while engaging with other technical leaders throughout AAP in design and implementation of cloud and cloud/hybrid based implementations and solutions.
• Works with other technical organizations to choose appropriate technology solutions and facilitates complete integration in the enterprise environments.
• Develops applicable security standards and cloud policies in partnership with other teams.
• Identifies, recommends, coordinates, and conducts informal/formal sessions to deliver timely knowledge to various teams regarding technologies, processes, or tools.
• Develops and coordinates strategies to increase Cloud Security knowledge throughout AAP, as well as developing and mentoring more junior staff.

COMPETENCIES AND SKILLS:

• In-depth expertise in your area(s) of technology and take leadership in it.
• Ability to collaborate with other leaders who can supplement your knowledge in other areas.
• Ability to capitalize on work already completed, using experience from similar situations, and adapting them to the current situation.
• Have and maintain a global view of alternative solutions available on the market and be able to discuss and compare them with the solution being proposed.
• Understand the costs and business impacts of the technologies and solution you are proposing, keeping business benefits and the client’s priorities paramount.
• Exceptional communications skills with diverse audiences.
• Strong critical thinking and analytical skills.
• Strong leadership, project, and team-building skills, including the ability to lead teams and drive projects and initiatives in multiple departments.
• Demonstrated ability to identify risks associated with business processes, operations, information security programs and technology projects.
• The ability to be the enterprise security subject matter expert who can explain technical topics to those without a technical background.
• Deep understanding of the conflicts that often exist between business user experience and information security.
• Ability to promote and champion the importance of information security to business partners to address perceived business risks.
• Ability to understand and communicate that security is not a cost, but a business enabler, helping to achieve business objectives.
• Ability to listen and learn.
• Lead diplomatically.
• Discuss design principles and constraining factors and be prepared to defend the design rationale behind your solution.
• Common sense approach to planning and design of a solution and match it to the client’s situation.
• Confidence and ability to project an authoritative presence.
• Demonstrated ability to manage multiple priorities.
• Ability to keep an open mind.

QUALIFICATIONS

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Deep and broad understanding of cloud/cloud hybrid platforms (IDaaS/IaaS/SaaS/PaaS) and associated security tools and processes.
• Solid technical security foundation with the ability to learn new security skills and concepts quickly.
• Experience with deployment orchestration, automation and security configuration management.
• Architecture of mobile platforms, solutions, integrated with cloud-based services (Preferred).
• Detailed understanding of SSL/TLS protocols and certificate-based solutions (Preferred).
• Ability to understand and write in at least one common cloud scripting language (Preferred).

EDUCATION and/or EXPERIENCE

Bachelor’s degree in Computer Science, Cybersecurity, or equivalent experience and knowledge in a related field of study

10+ years of experience in Information Security; or equivalent combination of education and experience.

8+ years of practical experience in IT field is required.

5+ years of direct information security experience in the security architecture area including

2+ years of Cloud technical environment experience.

SUPERVISORY RESPONSIBILITIES

None

CERTIFICATES, LICENSES, REGISTRATIONS

• Cloud Security and Architecture related certification (Amazon AWS Certified Solutions Architect (Preferred).
• Security industry certifications are required including but not limited to CISSP, CISM, etc.
• One or more SANS GIAC certifications preferred

KN AAP