Job Details

Lead Salesforce SaaS Security Architect virtual remote work at home

Company name
Humana Inc.

Location
Washington, DC, United States

Employment Type
Full-Time

Industry
Work At Home, It

Posted on
Apr 09, 2021

Apply for this job






Profile

Description

Lead SaaS Security Architect

We are searching for experienced Security Architect who can utilize solid business knowledge and expert technical experience in security to help develop strategy, roadmap and execution for our SaaS Security program with a primary focus on Salesforce. As a Lead you will provide security consulting, engage in solutions design, manage risks, and actively engage in SaaS continuous control monitoring. You will support the secure and efficient migration of enterprise services to the Cloud. Works closely with SaaS teams, like Salesforce, to ensure security initiatives are in line with all other key initiatives that may have interdependencies. Supports project teams to recommend technology and control alignments and reviewed by EIP and that applicable security controls are properly incorporated.

Responsibilities

Job Description:

Create structure through ambiguity by creation of process and procedures then train other team members to execute.

Perform architectural and engineering of security capabilities within SaaS environments including Salesforce.

Perform risk assessments, follow and enhance the security solutions lifecycle (evaluation, purchase, build, technical policy configuration, integration into Cloud environments, and run).

Partner to build, operate, and remediate continuous control assessments within SaaS platforms with a focus on Salesforce

Act as a subject matter expert on the implementation and capabilities of existing security controls into SaaS with a focus on Salesforce.

Provides direction and thought leadership to enterprise-wide initiatives applying security principles such as access control, encryption, and host security as well as state of the art and emerging technologies such as cloud computing, mobile computing, and next generation architecture into SaaS environments

Interpret control requirements into technical solutions. Lead efforts to create and adopt solutions across the enterprise.

Provide regular updates and presentations to leaders and technical sme's.

Research and Development

Stays continually informed about the latest developments in the security field, including mitigation strategies, threats, tools, attack vectors, and cutting edge preventative measures.

Participates in new products or technology solutions supported by appropriate ROI, total cost of ownership, and/or cost benefit analyses.

Performs technical proof of concepts.

Required Qualifications:

Extensive knowledge and experience designing and engineering security controls in Salesforce.

Extensive knowledge and experience with designing and configuration of SaaS platforms such as Salesforce and Heroku.

Extensive knowledge and experience with the configuration of security controls and secure migration of enterprise applications to one of the major cloud providers such as Azure (preferred), Amazon Web Services, or Google Cloud.

Extensive knowledge and experience with developing Cloud Security Frameworks using industry best practices such as those from the Cloud Security Alliance (CSA) and NIST CSF and regulatory requirements such as HIPAA, HITrust and PCI or closely related.

Experience with implementing security tools and architecture in Cloud environments such as(not all are required):

Access Controls

Data Loss Prevention (DLP)

Web Application Firewalls (WAF)

Secure SDLC and Software Security

Nextgen Firewalls

Anti-malware and anomaly detection controls

Data encryption in transit and at rest

Network security

Monitoring

Experience with a formal requirements definition and RFI/RFP process

Preferred Qualifications:

Bachelor's degree in an IT-related field required; post-graduate degree is a bonus, but not required

Knowledge of the Mitre ATT&CK framework and NIST Cyber Security FrameworkFamiliarity with common security controls in the enterprise (Firewall, Proxy, AV, SIEM, etc.)Experience with incident response procedures

Extensive knowledge and understanding of security issues, techniques, and implications across multiple computer platforms.

Demonstrated experience leading and developing others by providing technical guidance and leadership to project teams.

Solid knowledge and understanding of security regulations and best practices such as PCI, SOX, HIPAA, or the ISO 27000 family of standards.

Solid knowledge and understanding of systems development life cycle (SDLC).

Demonstrated experience translating business requirements into architectural deliverables and technical specifications.

Demonstrated experience communicating technical information to business clients and less experienced technologists.

CISSP, CISM or equivalent

Experience with CI/CD pipelines

Cloud Architecture and/or Cloud Security Certifications (AWS, Azure, GCP)

Cloud Security Alliance (CCSP, CCSK) (ISC)2

Scheduled Weekly Hours

40

Company info

Humana Inc.
Website : http://www.humana.com

Similar Jobs:
Description Join us and be a part of the unique opportunity to transform Humana into a consumer focused healthcare leader backed by digital platforms. We're looking for someone who craves new challenges and solves hard customer p...
Creative/Web Development
Location : Laurel, MD
Candidate should have experience and talent with web development, HTML, Flash, Javascript, database/web integration, and ASP. Some experience with VBscript and SQL Server would be a plus. Should be motivated and stimulated by prob...
Information Assurance Program Management Support
Location : Washington Navy Yard, DC
Duration: 4 Years Responsibilities: IA Program Management Tasks: • Work with Assistant CIO for IA to define and document IA business processes. • Provide technical and application support to field component IA workforce and Progra...
What I liked about the service is that it had such a comprehensive collection of jobs! I was using a number of sites previously and this took up so much time, but in joining EmploymentCrossing, I was able to stop going from site to site and was able to find everything I needed on EmploymentCrossing.
John Elstner - Baltimore, MD
  • All we do is research jobs.
  • Our team of researchers, programmers, and analysts find you jobs from over 1,000 career pages and other sources
  • Our members get more interviews and jobs than people who use "public job boards"
Shoot for the moon. Even if you miss it, you will land among the stars.
InformationTechnologyCrossing - #1 Job Aggregation and Private Job-Opening Research Service — The Most Quality Jobs Anywhere
InformationTechnologyCrossing is the first job consolidation service in the employment industry to seek to include every job that exists in the world.
Copyright © 2024 InformationTechnologyCrossing - All rights reserved. 168 192