Senior Security Architect

The Role Security Architect

We are looking for a Security Architect to be responsible for the security design, review, testing, and implementation of security capabilities within Arrive products, across the group.

The Security Architect's responsibilities include reviewing our current security measures, identifying areas of strength and weakness, recommending enhancements, assisting with compliance activities, assisting in the integration of security tests and tooling all along the software delivery chain, and responding promptly to security incidents.

To be a successful Security Architect, you should be experienced in application security and risk assessment, with a strong understanding of security protocols, of authentication and authorization patterns, of on-prem, cloud and hybrid infrastructure security and application security, both build time and runtime. You should also possess strong interpersonal and communication skills.

• A thorough understanding of the organization's technology and IT systems.
• Translate business requirements and use cases into security controls and standards.
• Plan, research, and design secure application architectures and CI/CD pipelines
• Develop, review, and collaborate on the configuration of cloud account configuration, network isolation, security groups, access policies, network policies, VPNs, and overall compute platform security, including both host-based and container-based workloads.
• Integrate identity management systems, digital certificates, and secrets management with application workloads.
• Assess security capabilities, evaluate tools and approaches and make recommendations as part of the application security roadmap that is fed into team backlogs
• Help teams to do their threat modeling, review vulnerabilities and suggest strategies and tactics for remediation.
• Validate security implementations and participate in remediation and risk acceptance efforts.
• Define, track and report on security metrics to demonstrate security maturity and program effectiveness.
• Establish disaster recovery procedures and conduct security breach drills.
• Respond quickly and effectively to all security incidents and provide post-event analyses.
• Guide the overall security community, cultivating a sense of security awareness, and arranging for continuous education.
• Participate in Compliance Framework and audits in the Engineering organisation (ISO 27001, GDPR, SOC2, ISAE 3402, TX RAMP…)
• Remain up to date with the latest trends, standards, and products.

• A bachelor's or associate's degree in IT, computer science, or equal experience.
• 5-10 years or more of experience in application development and security.
• Experience with AWS, including EKS, multi-account setups, Guard Duty, KMS, Config, SSM, Cloud Front, Firewall Manager, Shield, Network Firewall, WAF, IAM, Cloud Trail, Security Hub, Secrets Manager, Inspector, Global Accelerator, ELB, EC2, Athena.
• Experience with designing and implementing security for APIs (e.g., authentication, authorisation, rate limiting, API gateways)
• Experience with data centers and hybrid environments.
• Experience with container security platforms, orchestration, and runtime protection.
• A strong working knowledge of current application and infrastructure risks, secure application design, and operating systems including both Windows and Linux experience.
• Excellent teaching, problem-solving, communication, and interpersonal skills.
• Experience integrating security into Dev Ops pipelines and fostering a Dev Sec Ops  culture.
• Knowledge of Java, Kotlin, JavaScript, NodeJS, Go, Kotlin, Swift, Python, bash, Ruby, C# and SQL.
• Knowledge of data encryption, data loss prevention (DLP), and data privacy regulations.
• Knowledge of security testing tools (SAST, DAST, CNAPP) integration and implementation.
• Knowledge on securing serverless functions and platforms would be a bonus.
• Knowledge on security aspects of hardware would be a bonus.

Arrive, including brands like Easy Park, Flowbird, Ring Go, Park Mobile, Your Parking Spaceand  Parkopedia, is a leading global mobility platform. Present in over 90 countries and 20,000…