Security Architect

Filevine is forging the future of legal work with cloud-based workflow tools. We have a reputation for intuitive, streamlined technology that helps professionals manage their organization and serve their clients better. We’re also known for our team of extraordinary and passionate professionals who love working together to help organizations thrive. Our success has catapulted Filevine to the forefront of our field—we are ranked as one of the most innovative and fastest-growing technology companies in the country by both Deloitte and Inc.
Our MissionFilevine is building the seamless intersection between legal and business by creating a world- class platform to help professionals scale.
Department Statement: The Information Security team ensures security engineering efforts are effective and aligned with industry standards and best practices.    
Job Summary:Filevine is looking for a Security Architect to join our Information Security team to ensure that our platform, applications, and infrastructure are compliant and secured at the highest levels, thus protecting, and enhancing customer trust. If you are bright, hardworking, ambitious and enjoy taking ownership for security and compliance, we want to talk to you. This is an exciting opportunity to join a world-class team.

Responsibilities

• Provide security architectural review of development projects throughout the SDLC on a rapid cycle including specifying minimum security requirements.
• Provide security reviews and recommendations for SAAS and desktop applications (Mac and Windows) for the Filevine product.
• Provide security review and recommendations on various subsystems, such as email and calendaring plugins across various operating systems and browsers.
• Experience with helping enhance the security on new Filevine products including the secure use of Ai tooling and their implementation. 
• Improve monitoring capabilities for cloud environments to improve detection of security issues.
• Strategize and outline goals and objectives to secure the cloud environments and cloud applications while enhancing the application security program.
• Investigate security incidents.
• Install security measures and operate software/hardware to protect systems and information infrastructure, including network and web firewalls, and data encryption programs.
• Document and research best practice architecture designs as part of an overall risk management strategy.
• Work with internal teams to perform tests and uncover network vulnerabilities.
• Help remediate detected vulnerabilities to maintain a high-security standard.
• Stay current on cloud security standards, trends and news.
• Develop company-wide best practices for cloud security.
• Research security enhancements and make recommendations to management.

Qualifications

• 5+ years combined in information technology/security with emphasis on network security. A BS/MS degree in a technical field such as information security or computer science can be considered as supplementary experience.
• Strategize and outline goals and objectives to secure Cloud environments and Cloud applications while building the application security program.
• Ensure Filevine is following cloud security best practices for cloud environments.  Ensure appropriate cloud logging, monitoring and response efforts are in place to protect Filevine and our customers.    Excellent history in advising and executing security architecture design and assessments.
• Great degree of familiarity with designing and implementing secure Enterprise cloud networks.
• Significant experience with SIEM and logging technologies.
• Knowledgeable with Threat Hunting practices.
• Expert knowledge with SOAR platforms and creating run books / play books.
• Experience with cloud hardening best practices.
• Experience with both executing and defending network penetration tests.
• Security Architectural Experience with two (AWS, GCP, Heroku and/or Azure) cloud infrastructure platforms.
• Experience with container security for Windows & Linux operating systems.  Working knowledge of security requirements for SOC 2 Type I & II, HIPAA, GDPR, CCPA and CJIS. Significant experience with security engineering, incident response and security operations best practice.
• Significant experience with orchestration and observability tools.
• Strong Project Management experience.A strong curiosity, initiative, persistence, and willingness to experiment to provide solutions to diverse technical challenges.
• Experience with scripting and development languages (e.g., JavaScript, Python, Java, C++)Automation skills are a plus.
• Strong team player and work ethic are essential.

Preferred Qualifications

• CISSP Certification or equivalent experience. 
• AWS Certified Cloud Practitioner (Foundational) or equivalent experience.
• AWS Certified Developer – Associate or equivalent experience.
• AWS Certified DevOps Engineer – (Professional) or equivalent experience.
• Certified Cloud Architect (CCA) or equivalent experience.
• Certified Cloud Professional (CCP) or equivalent experience.
• Certificate of Cloud Security Knowledge (CCSK) or equivalent experience.
• CompTIA Cloud+ or equivalent experience.
• CompTIA Cloud Essentials+ or equivalent experience.
• Google Associate Cloud Engineer or equivalent experience.
• Google Professional Cloud Architect or equivalent experience.
• Microsoft Certified Azure Fundamentals or equivalent experience.
• Microsoft Azure Administrator Associate or equivalent experience.
• Microsoft Azure Solutions Architect Expert or equivalent experience.

Cool Company Benefits:- A dynamic, rapidly growing company, focused on helping organizations thrive - Medical, Dental, & Vision Insurance (for full-time employees)- Competitive & Fair Pay- Maternity & paternity leave (for full-time employees)- Short & long-term disability- Ergonomic and height-adjustable workstations for onsite employees- Opportunity to learn from a dedicated leadership team- Centrally located open office building in Sugar House (onsite employees)- Top-of-the-line company swag
Privacy Policy NoticeFilevine will handle your personal information according to what’s outlined in our Privacy Policy.