Security Architect

Job Description

The Security Architect is a key member of the Hertz Global Information Security & Compliance organization. Lead role for maintaining a cyber security architecture program, standards, and security technology effectiveness. Consults on security for all Hertz technology projects, identifies risks, and contributes to the architecture of each project.

• Develops and maintains a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with cloud, business, technology, and threat drivers.
• Develops security strategy plans and roadmaps based on sound enterprise architecture practices.
• Creates and maintains security architecture artifacts (i.e., threat models, templates, standards, and procedures) that can be used to leverage security capabilities in projects and operations.
• Determines baseline security configuration standards for operating systems (i.e., CSPM, OS hardening) network segmentation.
• Develop strategy for monitoring and managing Hertz external attack surface.
• Develops standards and practices for data encryption and tokenization within Hertz, based on data classification criteria.
• Drafts security procedures and standards to be reviewed by executive management and/or formally authorized by the Chief Information Security Officer.
• Establishes a taxonomy of indicators of compromise (IOC’s) and shares this detail across the Hertz Cyber Security and Compliance organization, as well as counterparts within the Technology organization.
• Tracks developments and changes in the Hertz digital business and threat environments to ensure they are adequately addressed in security strategy plans and architecture artifacts.
• Validates IT infrastructure and other reference architectures for security best practices and recommends changes to enhance security and reduce risks, where applicable.
• Validates security configurations and access to security infrastructure tools, including firewalls, IPS, WAF, and endpoint protection systems.
• Conducts and participates in threat modeling of services and applications that tie to the risk and data associated with the service or application.
• Coordinates with legal and compliance teams to document data flows of sensitive information within Hertz and recommends controls to ensure that this data is adequately secured.
• Reviews security technologies, tools, and services, and makes recommendations to the broader security team for their use, based on security, financial, and operational metrics.
• Liaises with other security architects and security practitioners to share best practices and insights.
• Partners with internal audit to review and evaluate the design and operational effectiveness of security-related controls.
• Drive optimal cyber security services to complete resolution according to security SLA’s.
• Handle all private information with discretion and keep sensitive information private.
• Partners with the enterprise architecture team to ensure all architectural artifacts are aligned with Hertz enterprise architecture strategies.
• Excellent teamwork competencies, seeks out opportunities to partner with all stakeholders.
• Mentors' junior security staff.

• Bachelor's degree in computer science, MIS, or related field or equivalent experience.
• 7+ years of Information Security experience required, preferably in a global Fortune 500 corporation.
• Applied knowledge of multiple security architectures to include cloud security.
• Experience with the Network Security architecture methodologies.
• Experience with STRIDE threat assessment methodologies.
• Experience with a wide range of enterprise common security platforms, endpoint security, vulnerability management, etc.
• Experience with network analysis tools.
• Experience with edge security tools such as Imperva, Zscaler, and AWS WAF
• Experience with securing cloud technology such as AWS
• Experience using security tools such as Wiz.io
• Experience automating processes using cloud tools such as AWS Lambda
• Experience scripting in python, Power Shell, etc.
• Deep expertise in security architecture.
• Capable of working under pressure in a continually changing fast paced environment.
• Ability to effectively collaborate with stakeholders across a global environment.
• Strong written and verbal communication skills.
• Strong analytical and problem-solving skills.
• Certifications desired: AWS Solutions Architect, AWS Security Specialty, Certified Information Systems Security Professional, (CISSP) Certified Ethical Hacker, (CEH) GIAC Security Essentials Certifications, GIAC Certified Intrusion Analyst, Global Information Assurance Certification.
• Ability to influence
• Flexible and adaptable; ability to work effectively in ambiguous situations
• Excellent verbal and written communication skills
• Results driven, ability to make decisions and help solve problems
• Ability to work under minimal supervision with a goal-oriented mindset.
• Ability to see the big picture and leverage critical thinking and…