Enterprise Security Architect

Summary

Join Coupa as an Enterprise Security Architect to design, build, and implement robust security solutions. You will conduct security assessments, develop security standards, and provide expert guidance on best practices. This role requires collaboration with various teams, staying current on security trends, and ensuring regulatory compliance. The ideal candidate will have extensive experience in information security architecture and a strong understanding of security frameworks and technologies. Coupa offers a collaborative culture and the opportunity to make a global impact. This is a remote position.

Requirements

• Bachelor's degree in Computer Science, Information Security, or a related field
• Minimum of 15 years of experience in information security, with at least 10 years in a security architecture role
• Strong understanding of security frameworks and standards (e.g., NIST, ISO 27001, CIS Critical Security Controls)
• Proficiency in designing and implementing secure architectures for cloud environments (e.g., AWS, Azure, GCP)
• Experience with various security technologies, including firewalls, intrusion detection/prevention systems (IDPS), SIEM, endpoint security, and data loss prevention (DLP)
• Knowledge of secure coding principles and application security best practices (e.g., OWASP Top 10)
• Familiarity with network security protocols and technologies (e.g., TCP/IP, VPN, DNS, SSL/TLS)
• Experience with identity and access management (IAM) solutions
• Understanding of cryptography and secure communication protocols
• Experience with penetration testing and vulnerability management
• Experience with privacy (data protection and incident management)

Responsibilities

• Design, develop, and implement secure architectural solutions for applications, systems, and networks
• Conduct security assessments and risk analyses of existing and proposed systems
• Develop and maintain security standards, policies, and procedures
• Provide expert guidance and recommendations on security best practices to development, operations, and business teams
• Evaluate and recommend new security technologies and tools
• Stay up-to-date with the latest security trends, threats, and technologies
• Collaborate with compliance and legal teams to ensure adherence to regulatory requirements (e.g., GDPR, HIPAA, PCI DSS)
• Participate in security reviews of third-party vendors and solutions
• Manage and support security assessments (e.g. ISO27001, FedRamp, SOC2)
• Adept at creating technical documentation and data flow diagrams (DFDs)

Preferred Qualifications

• Master's degree preferred
• Certified Information Systems Security Professional (CISSP)
• Information System Security Architecture (CISSP-ISSAP)
• Certified Information Systems Auditor (CISA)
• Certified Cloud Security Professional (CCSP)
• CERT Applied Data Science for Cybersecurity Professionals
• Generative AI for Cybersecurity Professionals
• Certified Data Privacy Solutions Engineer
• ISO 27001 Lead Auditor or Implementer
• Certified SCADA Security Architect (SSCA)

Benefits

#LI-Remote