Sr Operations & Security Architect - Austin, TX

Job Summary

Contributes to the development and achievement of the strategic objectives and alignment of security architecture of James Avery's business strategy. Interprets business needs to define and address architectural requirement solutions and ensures security policies, procedures and infrastructure are clear, comprehensive and effective. Configures, manages and leads risk initiatives on the operational security infrastructure and focuses on the development and implementation of access management architecture. Collaborates with IT and other cross-functional groups on security standards, privacy and audit compliance.

WHAT YOU WILL BE DOING:

• Configuring and managing the current operational security infrastructure, including SIEM, Data Loss Prevention, anti-malware, encryption, multi-factor authentication, security management in a hybrid architecture using Azure cloud IAAS/PAAS and on premise distributed environments.
• Analyzing security events, investigating, and resolving security incidents and documenting findings and analysis.
• Direct Security Operations Center (SOC) activities, including incident detection, response, and resolution.
• Add new log sources to SIEM platform whenever applicable.
• Drive the development and execution of incident response plans to minimize potential security breaches. Develops playbooks for incident response scenarios.
• Proactively identifies security risks and make recommendations for security and/or operational improvements. Understanding and researching internal infrastructure to provide security recommendations.
• Collaborates with IT teams, Compliance/Privacy and Audit teams to understand IT architecture and ensure security deficiencies are identified proactively and addressed in a timely manner.
• Participates and/or leads post-incident analysis reviews with appropriate stakeholders.
• Developing and applying business-appropriate information security strategy, recommendations/solutions and documentation that address and/or mitigate security risks while respecting culture and values.
• Serves as a subject-matter expert on information security topics and trends and advising management on Network, Identity, Cloud, and Endpoint security architecture, configuration, and operation.
• Maintains strong partnerships with key internal stakeholders (i.e., Privacy, Compliance, Development, IT, Leadership) and external auditors/vendors.

WHAT IS REQUIRED:

• Bachelor's Degree in Information Technology, Cybersecurity, Computer Science or related field; or equivalent combination of education and/or experience.
• 7 years' direct information security and/or IT operations experience.
• Strong technical security background and expertise with industry standard security tools and practices such as penetration testing, design and architecture, network segmentation, cryptography, access control, and/or secure identity integration.
• IT Security audit experience.
• Advanced problem-solving skills with ability to effectively troubleshoot and resolve complex issues.
• Ability to manage multiple projects simultaneously and strategically prioritize to meet established deadlines.

PREFERRED QUALIFICATIONS:

• Certified as CISSP, SSCP, Security+, CEH, or other equivalent certification.
• Leadership experience within a Security Operations Center (SOC) or similar environment.
• Project management experience.
• Experience in developing and delivering security awareness and training programs.
• Knowledge of threat intelligence, security analytics and advanced security technologies.