Deltek is seeking a highly motivated Cloud Security Architect to develop a security and risk strategy for Deltek’s SaaS product environment in AWS and Azure. You’ll work closely with Operations and Product teams to define security architectures that ensure Deltek’s products are delivered in a secure and resilient manner to our customers. The role will require that the individual be familiar with AWS and Azure, and cloud technologies such as IaaS and PaaS, cloud network architectures, NIST frameworks, and the ability to drive security capabilities to their maximum value.
The successful candidate is able to identify gaps in security posture, practices and recommend and implement solutions though automation, tools or education to administrators, developers and product management. You’ll understand Deltek’s business, and most importantly our customers, and wield cloud security technologies to counter the current and emerging security threats they face.
This position requires the ability to architect, collaborate, influence, and clearly communicate across all levels of Deltek’s Product and Operations Teams. This is an opportunity for a proven Cloud Security Architect to continuously improve security across multiple clouds as Deltek grows as a SaaS company. With a spectrum of products, you can fluidly adapt to changing priorities and business requirements across our software and cloud solutions.
This position will define and maintain the security architectural frameworks, processes, standards and guidelines covering Deltek’s SaaS environment across AWS and Azure.
Provide cloud security and architectural subject matter expertise to the various Cloud Operations and Development teams, advising on architectural decisions and collaborating with technical staff on cloud security technologies and focusing the mindset on security.
Review and assess designs and new tools/technologies to ensure robustness, adherence to standards and processes, delivery of stable and scalable solutions with risk mitigation baked in.
Implement controls and countermeasures across cloud environments according to FedRAMP, NIST 800-171, 800-53, and CSF. Map and provide security support to audit and compliance efforts.
Collaborate across groups to design and integrate secure cloud architectures and methodologies across PaaS, IaaS, serverless compute and event-driven platforms.
Define standards for identity and access management across the cloud admin and product planes.
Work collaboratively with Operations Teams to integrate continuous security into automation and monitoring to enable quick builds and service uptime across environments.
Develop automated mechanisms to report on CSP status for risk indicators such as vulnerability status, incident response interactions, network flow, and integration of security logs into Deltek’s SIEM.
Develop and maintain a security architecture for products and cloud environments that are clearly aligned and balanced with Deltek business, technology and addresses external threats.
Write internal and customer-facing whitepapers to communicate, in business language, information about Deltek Cloud data security, data protection, and security operations
Requires 8 years with BS or 6 years with MS in Computer Science, Technology, Engineering, Math or related field and 5+ years of prior relevant software engineering or DevOps experience.
A certification such as: AWS Certified Solutions Architect, or AWS Certified Security Specialty, MCSA Cloud Platform Certification, and CISSP.
Full-stack knowledge of IT infrastructure: Applications, Databases, Operating systems (Windows and Linux).
Direct, hands-on experience managing security infrastructure such as IPSs, WAFs, CDN, ELBs, VPC, SIEM and log management technology.
Secure implementation of IAM, PAM, PIM, ADFS, IdP, AWS IAM, SSO, SAML, WebAuthn, MFA, Encryption and DLP technologies.
Familiar with CI/CD tools such as: Puppet, TFS, Azure DevOps.
Seven to ten years as a security architect, preferably including enterprise SaaS/Cloud operations
Practical experience delivering solutions to enable security compliance (SOC2, ISO27001, GDPR, FedRAMP etc.)
Experience instituting guidelines and mentoring others in cloud security best practices
Positive attitude with an ability to adapt working style for business or technical interactions