Senior Lead Cloud Security Architect at Cox Automotive

The Senior Lead Cybersecurity Architect isresponsible for defining the principles, standards, and designpatterns to build secure products and enterprise tools for all ofCox Automotive's multi-cloud and on-premises environments. Thisposition's architecture focus is on securing multi-cloudinfrastructure and services and on-premises infrastructure. Peercybersecurity architects will be focused on application security,software as a service (SaaS), and networksecurity.

This role will usetheir deep cybersecurity knowledge in the designing and building ofsecure infrastructure and services in both multi-cloud andon-premises environments. They must be able to collaborate withcross-functional teams throughout the organization and proposewell-defined cybersecurity architectural guidelines to be adoptedby product and enterprise engineering teams. This role willdirectly report to the Senior Director of CybersecurityArchitecture at CoxAutomotive.



PrimaryResponsibilities

• Identifyand recommend relevant cybersecurity policies, standards,procedures, andguardrails.
• Drive thedefinition of cybersecurity guidelines across the product andenterprise architecture group by leading working groups focused oncybersecurity.
• Developsecure design patterns in conjunction with the product andenterprise architecture group based on standards that can beadopted and implemented by engineeringteams.
• Contribute to thedevelopment of non-cyber architecture-related governance patterns,policies, andstandards.
• Provides complexanalysis of potential risks to information systems' security andrecommends innovativesolutions.
• Work withcross-functional technical, development and delivery teams toensure the application of smooth, efficient and scalable releaseprocesses.
• Engage withbusiness teams and engineering teams to define cybersecurityguardrails that promote efficient and seamless adoption of securedesign patterns.
• Participatein security events and incident response to identify gaps incurrent design and propose solutions to prevent threats fromreoccurring.
• Research andevaluate emerging security trends, threats, and technologies, andrecommend appropriate solutions andenhancements.
• Collaboratewith data users, software and other technical stakeholders toensure security considerations are factored into and underpindevelopment and operational decisionmaking.
• Collaborate withcybersecurity peers to incorporate vulnerability management,governance, risk and compliance, cyber defense, continuous controlsmonitoring, and identity governance into cybersecurity standards asa cohesive cybersecurityorganization.

MinimumQualifications

• Bachelor'sdegree in a related discipline and 8 years of experience in arelated field. The right candidate could also have a differentcombination, such as a master's degree and 6 years of experience; aPh.D. and 3 years of experience in a related field; or 12 years'experience in a relatedfield.
• At least 4 yearsfocused oncybersecurity.
• Must havepractical expertise in AWS cloud infrastructure and services andon-premisesinfrastructure.
• Clearlyarticulate the objective of specific cybersecurity policies andprocedures to technical and non-technicalstakeholders.
• Excellentcustomer service skills, writing, and executive presentationskills.
• Develop a strong andproductive working environment with key stakeholders andcollaborate closely with other Cox entities' cybersecurity teams toimplement cybersecurity bestpractices.
• Consultativenature to work through controversial or complex topics toemployees, leaders, and/or seniorleadership.
• Evaluate risksand recommend actions based on impact and likelihood of the risk tothe business.
• Knowledge ofcurrent cybersecurity and technology architectures such as zerotrust, IaaS, PaaS, SaaS, virtualization, andcontainerization.
• Creativelysolving complex cybersecurity challenges while exhibiting solid,pragmatic businessacumen.
• Experience utilizingAgilemethodologies.
• Initiatingchange and deploying solutions in Fortune 1000companies.
• Knowledge ofcybersecurity frameworks (e.g., ISO 27000, NIST, FFIEC) andindustry relevant regulations that will guide architecturalrequirements (e.g., GDPR, FFIEC,GLBA).
• Collaborate with AIagents to create, validate, and assess architecturalartifacts
• Leadcross-functional teams in designing AI-enhanced solutions,establish standards for AI integration, and assess AI technologieswithin solutionarchitectures.
• ImplementAI-driven architectural governance and compliance by definingrobust AI governance frameworks and referencearchitectures.
• Improvevendor tool assessments using AI to speed evaluations and minimizemistakes andunknowns.

PreferredQualifications

• Experiencein the development and design of cybersecurity standardmethodologies to all layers of the hosting and application stack inboth cloud and on-premisesenvironments.
• Relevantexperience with application security, SaaS, network security,DevSecOps, and software-defined networking across a variety ofenvironments anddeployments.
• Knowledge ofIdentity and Access Management (IAM), cryptography / keymanagement, secrets management, access controls and securityprotocols (e.g., multi-factor, SAML, OAuth,OIDC).
• Experience withapplication security implementations and standardmethodologies.
• Extensivetechnology knowledge and recognized expertise in several areasincluding Python, .NET, Java, Spring frameworks, Oracle,serverless, cloud patterns, cloud service and user authenticationor similar.
• Experience withfirewall, web application firewalls, and other edge services aswell as deep understanding of DMZ and other networkarchitectures.
• AWSWell-ArchitectedFramework.
• Experienceestablishing a strategy for and implementing cloud enterprisesolutions in AWS, GCP, orAzure.
• A strongunderstanding of cloud containers and/or serverless platforms(e.g., EKS, ECS, Lambda,Fargate).
• Big fourconsulting or Fortune 500 companyexperience.
• Relevantindustry certification (e.g., CISSP, CEH, OSCP, Azure, AWS, CISM,CISA).

USD144,900.00 - 241,500.00 peryear

Compensation:

Compensationincludes a base salary of $144,900.00 - $241,500.00. The basesalary may vary within the anticipated base pay range based onfactors such as the ultimate location of the position and theselected candidate's knowledge, skills, and abilities. Position maybe eligible for additional compensation that may include anincentiveprogram.

Benefits:

TheCompany offers eligible employees the flexibility to take as muchvacation with pay as they deem consistent with their duties, thecompany's needs, and its obligations; seven paid holidaysthroughout the calendar year; and up to 160 hours of paid wellnessannually for their own wellness or that of family members.Employees are also eligible for additional paid time off in theform of bereavement leave, time off to vote, jury duty leave,volunteer time off, military leave, and parentalleave.

Applicants must currently be authorizedto work in the United States for any employer without current orfuture sponsorship.