Description

UKG is seeking a Principal Security Architect to work in our Global Security team. The Security Architecture team contributes to the Global Security and UKG missions by building and maintaining solid mutual beneficial partnerships with all areas of the business. We are strong believers of security as a business enablers, hence to achieve this level of partnership, we strive to provide responsive, easy to maintain cost effective security solutions. We are a highly versatile and technical team, gleaning from network engineering, developers, application security, software architecture, and Third-Party/Partner reviews. Amongst our main team roles are:
Essential Duties and Responsibilities: (other duties may be assigned)

• Evaluate solutions, architectures and processes to assess risk
• Identify solutions to remediate risk
• Evaluate Third Party Assessments & Partners security postures and adherence to UKG standards.
• Participate in and drive technology projects
• Develop software frameworks both for internal and external consumption
• Push for security software development lifecycle - including thread models and code reviews.
• Serve as a security thought leader for multiple security domains
• Partner with Business Units to review the proposed architecture for complex business & application projects.
• Design enterprise-class security networks, applications, and systems for Dev, QA and Production environments
• Create & Align standards, frameworks and security with overall business and technology strategy
• Identify and communicate current and emerging security threats
• Design security architecture elements to mitigate threats as they emerge
• Create solutions that balance business requirements with information and cyber security requirements
• Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
• Use current programming language and technologies to write code, complete programming, perform testing and debugging of applications
• Train users in implementation or conversion of systems
• Self-lead/Takes initiate, Build relationships
• Be trusted as expert advisor for security related questions, lead meetings and projects
• Threat Modeling, Risk Analysis, Design and/or Architecture Reviews
• Understand and use threat model methodologies/Risk Analysis and or Architecture Review methods to be able to model application/network/systems and understand Threats.
• Document necessary security controls/requirements that should be in place.
• Deep dive into the code to understand what is happening or validate if controls were implemented appropriately.
• Comfortable in designing technical solutions to mitigate or eliminate security vulnerabilities
• Comfortable to coordinate brainstorm activities to document threat scenarios
• Comfortable to review network architectures and operation system security settings

Qualifications

Required Qualifications/Skills:

7 or more years’ experience in:
• Security architecture, demonstrating solutions delivery, principles and emerging technologies - Designing and implementing security solutions. This includes continuous monitoring and making improvements to those solutions, working with Security, Information Technology, and Product Development teams.
• Consulting and engineering in the development and design of security best practices and implementation of solid security principles across the organization, to meet business goals along with customer and regulatory requirements.
• Security considerations of cloud computing: They include data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and DoS attacks.
• Identity and access management (IAM) – the framework of security policies and technologies that limit and track the access of those in an organization to sensitive technology resources.
• As a Senior Principal, Security Architect, you will be expected to have experience in multiple security domains to develop security solutions that consider all factors to resolve complex business problems
• Experience with multiple programming languages (.Net, Java, Python)
• Deep understanding of TCP/IP

7 or more years’ experience in:
• Authentication (Identity management, MFA/2FA)
• Applied Cryptography (PKI, Appropriate usage of Cryptographic Primitives, Digital Signatures, HASHing, HMACs)
• Authorization (claims, RBAC, fine grained, coarse grained, XACML, OAUTH, SAML)
• Web Services Security (WS-Security, JWT)
• Static Source Code Review Tools (e.g. Fortify, Checkmarx, Veracode, etc).
• Network Design Concepts (TCP/IP, Routing, Switching)
• Operation System Hardening (Window Server, Linux)
• Application Service Hardening (CIS, NSA/DOD STIGs)

Preferred Qualifications/Skills:
• Self-Lead and Exceptional communication skills with diverse audiences - Strong critical thinking and analytical skills
• Strong sense of ownership, urgency and drive
• Demonstrable teamwork skills
• Team working, including the ability to drive projects and initiatives in multiple departments
• Demonstrated ability to identify risks associated with business processes, operations, information security programs and technology projects
• The ability to be the enterprise security subject matter expert who can explain technical topics to those without a technical background

Education:
• BA or BS in information security, engineering, computer science, or related area.
• A Master’s degree in an IT field is a plus, and a Master’s in cybersecurity is an even bigger plus.
#LI-Hybrid

Company Overview

EEO Statement