Sr. Principal Security Architect
Forcepoint is transforming cybersecurity by focusing on what matters most: understanding people’s intent as they interact with critical data and intellectual property wherever it resides. Our uncompromising systems enable companies to empower employees with unobstructed access to confidential data while protecting intellectual property and simplifying compliance. Based in Austin, Texas, Forcepoint supports more than 20,000 organizations worldwide. For more about Forcepoint, visit www.Forcepoint.com and follow us on Twitter at @ForcepointSec.
The Sr. Principal Security Architect is a member of Forcepoint's internal security team and is responsible for designing and maintaining our corporate security architecture and internal governance programs. This role works closely with various functional teams to perform validation of security controls and acts as the highest technical escalation point for all internal security matters.
- Provide a reference architecture for the entire enterprise that includes all security tools and processes
- Provide design documentation for critical projects, develop global standards, and prepare architecture diagrams.
- Aid in the ongoing optimization of network security, corporate group policy, endpoint security, vulnerability analysis, application security, data loss prevention, SIEM, and various other security instruments.
- Provide technical leadership and mentor internal team members on information assurance principles and security best practices.
- Perform periodic security audits and assessments for existing corporate infrastructure, new global business initiatives, and potential third-party acquisitions.
- Develop metrics that demonstrate current security and risk state, indicators of progress, and the business alignment for those activities
- Assist in the development of corporate security policies and guidelines.
- Work with internal functional teams and external vendors to perform validation of security controls.
- Advise on the evolution required for organization’s security posture to adapt to emerging technology, risks and threats
- Develop Business Continuity Processes and Disaster Recovery documentation, diagrams and implementation
- Work with engineering and Forcepoint product teams on internal betas for Forcepoint products, and participate in meetings to suggest product improvements.
- Respond to, advise, and assist in the resolution of critical security incidents as required.
- Perform other duties and projects as assigned.
Education and Experience
- A BS/MS degree in a technical field such as Computer Science, or equivalent experience.
- 8+ years of experience in security, preferably in a larger enterprise environment.
- Professional IT security certification(s), such as CISSP, CEH, CISA, etc.
- Expert level knowledge of a wide range of security related technologies; such as DLP, NAC, IDS\IPS, SIEM, Kerberos, encryption and hashing concepts, TACACS, PKI, web proxies, vulnerability assessment, CASB, MFA/SSO, etc.
- Experience architecting holistic security solutions for the technologies listed above.
- Profound understanding of TCP/IP, dynamic routing, next-generation firewall technologies, and all other aspects of network security.
- Experience in the incident handling procedures and intrusion analysis models.
- Proven experience architecting security for large Active Directory and Linux environments in an enterprise setting.
- In-depth understanding of common Internet-centric applications and protocols such as: HTTP, SMTP, SSL\TLS, IPSEC, SSH, BGP, NTP, and DNS.
- Working knowledge of common security scripting languages (Python, Powershell, Groovy, etc).
- In-depth understanding of OWASP Top 10 and SANS/CIS Top 20 Critical Security Controls.
Preferred Skills and Background
- Experience architecting and managing mixed security environments.
- High familiarity with Forcepoint products (Triton AP-Email, DLP, Stonesoft NGFW, etc).
- Prior experience implementing and maintaining corporate compliance, privacy, and frameworks such as NIST 800-53, 800-171, ISO 27001, and ISO 27018.
- Excellent interpersonal skills and the ability to interact with people of all levels.
- Strongly committed to team-building and staff development.
- Ability to self-motivate and define priorities to meet critical deadlines.
- Ability to obtain a federal security clearance, should the need arise.