Enterprise Security Architect

Summary

Join Rubrik as an Enterprise Security Architect and ensure Rubrik's Corporate IT services meet the highest security standards. Partner with various stakeholders to achieve security outcomes. Design and implement secure infrastructure, define security policies for cloud environments, and work with development teams on security standards. Analyze and harden applications and infrastructure. Support incident response and analyze threats. This role requires extensive experience in enterprise security, cloud technologies, and various security tools. A Bachelor's degree is required.

Requirements

• 6+ years experience in enterprise security, with hands on experience in administration and design across Windows, Mac, Okta and public cloud infrastructure
• 2+ years experience in VMWare and/or Network security modeling
• Broad knowledge of enterprise attack vectors and exploits in both end-user and IT Apps
• Subject matter expertise in business applications, endpoint and Identity management
• Deep understanding of endpoint systems, corporate networking including wi-fi and IT application systems (Salesforce, Mulesoft, Keeper, etc)
• Programming experience in Python, Go or Java
• Security expertise in at least one major public cloud provider (AWS, GCP, Azure)
• Experience with deploying and securing Enterprise applications and environments at scale
• Knowledge of regulatory guidelines and standards such as SOC2, ISO 27001, FedRAMP, etc
• Understanding of corporate security maturity model frameworks and how to apply them
• Strong written and verbal communication skills
• Bachelor’s degree required; BS or MS in Computer Science, Information Technology, or a related field

Responsibilities

• Partner with all teams across Rubrik to create secure corporate infrastructure design and deployment architectures utilizing threat models and risk analysis documentation
• Define organization policies for secure cloud design models within enterprise, hybrid, and public cloud environments including VMware, AWS, Azure and GCP
• Work with development teams, operations, governance, and other stakeholders to draft security standards and implement monitoring, alerting, and governance
• Design and implement standards across Identity (Okta), Endpoint (Windows, MacOS, Linux), Secrets Management (Vault, Keeper) and Business Applications (Salesforce, MuleSoft, Slack)
• Support incident responders in analyzing applicable threats, vulnerabilities, controls and residual risks
• Analyze and harden existing applications, infrastructure, automation, and deployment processes including CircleCI and Github
• Know, acknowledge, and follow system-specific security policies and procedures
• Protect data and individual privacy per requirements and regulations
• Perform ongoing activities in compliance with service and contractual obligations
• Participate in role-based training, completing assignments on a timely basis
• Report security issues promptly, and aid investigation when needed
• Support controlled changes and vulnerability remediation activities
• Work collaboratively with Information Security in designing, implementing, assessing or enhancing system-specific security and privacy controls

Benefits

• Bonus potential
• Equity
• Benefits