Fairfax Imaging is a leader in the development and marketing of hosted financial processing software solutions involving web portals and data capture from forms and financial instruments. Founded in 1994, Fairfax Imaging has been on the cutting edge of financial data processing for 24 years. As part of its expansion plans, Fairfax Imaging is currently seeking a Cloud Information Security Officer (CISO).
The CISO leads the design and development of security architectures for protecting data deployed into the cloud. This position will directly contribute to the overall global enterprise cloud architecture and lead the security vision and strategy around cloud-based applications, across all types (including Infrastructure, Platform, and Software as a Service (IaaS/PaaS/SaaS). The CISO will serve as the central point of contact for security architecture for all technology teams for all matters related to cloud security. The successful candidate is required to identify opportunities and risks and develop and deliver solutions that support business strategies and protect our intellectual property globally.
- Expertise – Collaborate with project managers and the Core Department to architect and design cloud security solutions. Knowledge of cloud security services such as AWS Identity and Access Management, Inspector, Cloud formation, VPCs, etc. is essential.
- Delivery – Complete architecture assessments across projects, prove use of security solutions to support new distributed computing solutions that span public cloud services.
- Security Technology Strategy - Work with engineering, service and business teams to create technology roadmaps
Key Responsibilities / Duties
- Security Technology Strategy - Work with engineering, service and business teams to create technology roadmaps.
- Write policies and procedures to support required security certifications (PCI, SOC2 Type I and II, etc.) and other assessments as needed to meet the Company’s cyber security needs.
- Design and develop security architectures for cloud systems
- Possess a firm understanding of the offerings within Amazon Web Services (AWS)
- Based on business requirements, design and implement cloud-native architectures and designs that will allow those requirements to be met with a minimal degree of risk and with appropriate security controls
- Act as the ambassador and senior technical representative for enterprise security while engaging with other senior technical leaders in design and implementation of cloud-based solutions
- Develop standards in partnership with the Core Engineering and Professional Services departments
- Lead training and technical forums, serves as both a formal and informal mentor, and executes other initiatives designed to share knowledge across security platforms
- Develop and executes strategies to increase Cloud Security knowledge throughout
- Help define and contribute to the future state of the cloud security strategy
Work Experience / Knowledge
- 3-5 years’ experience as security architect
- 3-5 years’ experience with Cloud platforms such as Amazon Web Services (AWS)
- Experience architecting solutions within Amazon Web Services (AWS)
- Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies
- Experience with processes (secure software development (application security), data protection, cryptography, key management, cloud based identify management, network security) within SaaS, IaaS, PaaS, and other cloud environments
- Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc)
- Experience with deployment orchestration, automation, and security configuration management (Jenkins, Puppet, Chef, etc) preferred
- Experience with service-oriented architecture for cloud-based services
- Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies
- Experience with enterprise applications (architecture, development, support, and troubleshooting)
- Experience performing threat modelling and design reviews to assess security implications and requirements for introduction of new technologies
- Experience representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions
- Experience with enterprise architecture and working as part of a cross-functional team to implement solutions
- Strong interpersonal and communication skills; ability to work in a team environment
- Ability to work independently with minimal direction; self-starter/self-motivated
- Excellent verbal and written communication skills
- Ability to conduct complex analysis and present data in a meaningful way
- Strong organizational skills and detail orientation
- Open minded, flexible, and willing to listen for other people’s opinions
- Interpersonal skills necessary to effectively communicate over the phone with a variety of individuals at all technical levels are required
Formal Education: (minimum requirement to perform job duties)
- MIS Degree or Equivalent
License/Registration/Certification: (minimum requirement to perform job duties)
- CISSP (or equivalent) preferred
- CCSP (preferred)
- CCSK (preferred)
- AWS Certified Solutions Architect – Professional (preferred)
- Amazon AWS Certified DevOps Engineer – Professional (preferred)
Salary and Benefits:
Fairfax Imaging continues to achieve industry recognition in the Software 500 and in industry trade publications each year. Fairfax Imaging offers a challenging opportunity for professional growth with competitive salaries and benefits, including a matching 401k plan, medical, dental, and job-related tuition reimbursement.
Working conditions are normal for an office environment in Tampa, Florida or in Rockville, Maryland. Work requires extensive use of a computer.
Cyber / Information Security Engineer / Analyst