Cloud Application Security Architect
- You'll be integral to creating a unified architectural design across the company's many products.
- You'll have the opportunity to plant roots: more than 40% of Deluxe employees have been with the company 10+ years.
- You'll be heard and belong: you can take advantage of our Employee Resource Groups, volunteerism and team events.
The Cloud Security Architect will design and implement security solutions in support of Deluxe’s cloud security strategy. This engineer will be a member of our Security Architecture and Engineering team and provide security expertise for Deluxe’s implementation of applications in AWS and other public cloud environments. This position will focus on enabling business opportunities by ensuring the secure deployment of applications in public cloud environments.
Provide technical expertise and guidance on AWS security tools for Information Security teams within Deluxe. This may include decisions about how cybersecurity and vulnerability monitoring will be performed, using/integrating both cloud-native and third-party security tools and controls.
The Cloud Security Architect should be able to both choose security tools and procedures, and demonstrate and teach operational teams to utilize those controls. Provide thought leadership for the organization’s cloud strategy decisions.
Support the design, testing, and implementation of complex security solutions to meet security and regulatory requirements for cloud environments. Contribute to, and act as lead author, for cloud security documentation including standards, specifications, and Security Reference Architectures.
Perform technology evaluations, supporting business case development, test case definition, and vendor selection based on industry standard criteria.
Develop and maintain relationships with a variety of Deluxe stakeholders, including business owners, project managers, engineers, and Deluxe customers
The candidate should have a deep understanding of cloud security principles and be familiar with AWS and Azure security-related services, such as IAM, AD, KMS, WAF, Shield, and Security Hub. They should be able to design, deploy, and manage security controls in both AWS and Azure environments, ensuring that they are consistent across both platforms.
The candidate should be proficient in Infrastructure as Code (IaC) tools such as Terraform and be able to write secure IaC modules for both AWS and Azure services. They should be familiar with secure coding principles, such as input validation, output encoding, and authentication and authorization, and should be able to apply these principles to IaC development.
The candidate should have a strong understanding of secure application architecture principles, such as the OWASP Top 10, and be able to design, implement, and maintain secure applications on both AWS and Azure. They should be familiar with secure design patterns, such as defense in depth, least privilege, and separation of duties, and should be able to apply these patterns to application architecture.
The candidate should be experienced in conducting threat modeling exercises to identify potential security threats and vulnerabilities in both AWS and Azure environments. They should be able to develop threat models, evaluate the effectiveness of security controls, and recommend remediation strategies to mitigate identified risks.
The candidate should be familiar with integrating AWS and Azure security, such as via AD, IAM, and AWS Permission Sets. They should be able to ensure that users and resources are properly authenticated and authorized across both platforms, and that permissions are set up in a consistent and secure manner.
Education and Experience: Bachelor’s in Information Security/Assurance, Computer Science or Related Fieldand 5 years of information security experience. Hands-on experience configuring AWS security tools or HS/GED and 9 years
Education and Experience: Bachelor’s in Information Security/Assurance, Computer Science or Related Fieldand 5 years of information security experience. Hands-on experience configuring AWS security tools
Deluxe Corporation is an Equal Opportunity / Affirmative Action employer:
All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, disability, sex, age, ethnic or national origin, marital status, sexual orientation, gender identity or presentation, pregnancy, genetics, veteran status or any other status protected by state or federal law.
Please view the electronic EEO is the Law Poster which serves to inform you of your equal employment opportunity protections as part of the application process.
Reasonable Accommodation for Job Seekers with a Disability: If you require reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please direct your inquiries to email@example.com.
Department: IT Architecture & Engineering
Time Type: Full time
Work Status: Permanent
Company NameDeluxe Small Business Sales Inc
Deluxe, a Trusted Payments and Data Company, champions business so communities thrive. Our solutions help businesses pay, get paid, and grow. For more than 100 years, Deluxe customers have relied on our solutions and platforms at all stages of their lifecycle, from start-up to maturity. Our powerful scale supports millions of small businesses, thousands of vital financial institutions and hundreds of the world’s largest consumer brands, while processing approximately $3 trillion in annual payment volume. Our reach, scale and distribution channels position Deluxe to be our customers’ most trusted business partner. To learn how we can help your business, visit us at www.deluxe.com.