Director of Security Architecture & Engineering

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it , our most valuable asset is our people. Here you'll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning; bold ideas; courage an d passion to drive life-changing impact to ZS.
Our most valuable asset is our people .
At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems-the ones that comprise us as individuals, shape who we are and make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about.
DIRECTOR OF SECURITY ARCHITECTURE & ENGINEERING
ZS's Information Security team is seeking an experienced and highly skilled candidate to lead our Security Architecture and Engineering (SAE) function for both public and private cloud. The role requires working with our Enterprise IT, Cloud Center of Excellence and Software Development departments. As a member of the Information Security team, the individual will be responsible for building, implementing and leading a robust SAE function to evaluate and secure our private and public cloud infrastructure. As a valued member of the team, this individual will also partner with other leaders within the Information Security team to secure ZS's enterprise.
What You'll Do:

• Establish SAE Strategy which include operating model(s), service catalog, organization structure, intake process(s), and reporting.
• Take risk-based approach to demand in accordance with InfoSec/GRC Risk Register
• Partner with centers of excellence across ZS, including IT, Software Development, Business Technology and Cloud, for information security architecture & engineering
• Lead the development and maintenance of a robust security strategy designed to address risks associated with public and private cloud infrastructures
• Work closely with development teams in the design of cloud native services and infrastructure
• Review and assess current infrastructure to identify gaps and mitigations
• Prepare and document policies and standards around security
• Oversee the integration of security technologies such as firewalls, CSPM, IAM and others
• Perform research and evaluate security technologies designed to protect infrastructure and systems
• Design and implement guardrails and other controls
• Build out pragmatic and reusable solutions for security problems
• Stay updated on the latest cybersecurity trends and threats to inform security strategies and policies
• Assist with other security related initiatives as they arise
• Align SAE initiatives around life cycle management best practices, Ent-IT Intake Processes, and InfoSec Intake processes.

What You'll Bring:

• Bachelor's degree in Information Security, Engineering, Computer Science, IT or related field
• At least 5 years of managerial experience in cybersecurity or a related field
• At least 8 years of security architecture and engineering experience
• One or more of the following certifications strongly preferred:
  • CISSP (and/or other ISC2 certifications)
  • Cloud security / architecture certifications
  • SANS GIAC certifications
• Other industry recognized certifications or accreditations
• In this position, abilities such as formulating short and long-term strategies and communicating at all levels (technical, management, executive, business teams, etc.) will be required
• Exceptional understanding of security principles, strategies, and goals
• Deep understanding of AWS Well Architected Framework and other best-practice security design principles
• Ability to successfully balance and prioritize security needs with other deliverable timelines, budgets, etc.
• Strong understanding of Windows OS security threats and mitigations
• Strong understanding of Linux Kernel-level security threats and mitigations
• Strong experience with securing Kubernetes at the Pod/Node/Cluster levels including network policy, node to node encryption, mutual TLS, etc.
• Strong experience in Container Management and DevSecOps pipeline
• Knowledge of AWS networking (security groups, ACL, etc.), IAM, STS, WAF, Shield and ALB protections
• Knowledge of Azure and GCP security architecture and configuration is a plus
• Ability to actively assess existing cloud infrastructures to identify gaps and mitigations
• Thorough understanding of the latest security principles, techniques, and tooling
• Able to multitask and prioritize in a dynamic environment with continuously shifting priorities
• Ability to communicate security concepts and issues to peers and management
• Possess and maintain up-to-date understanding of emerging trends in security including research of the latest products to combat these threats
• Strong analytical and problem-solving skills
• Excellent verbal and written communication skills
• Demonstrated personal initiative in maintaining a continuous high level of professional knowledge in areas of cloud security

Perks & Benefits:
ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member.
We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections.
Travel:
Travel is a requirement at ZS for client facing ZSers; business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures.
Considering applying?
At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact and deliver better outcomes for all. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above.
ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law.
To Complete Your Application:
Candidates must possess or be able to obtain work authorization for their intended country of employment. An on-line application, including a full set of transcripts (official or unofficial), is required to be considered.
NO AGENCY CALLS, PLEASE.
Find Out More At:
www.zs.com
Salary: $215,000.00 - $230,750.00