Principal Security Architect

About FlightSafety International

FlightSafety International is the world’s premier professional aviation training company and supplier of flight simulators, visual systems and displays to commercial, government and military organizations. The company provides training for pilots, technicians and other aviation professionals from 167 countries and independent territories. FlightSafety operates the world’s largest fleet of advanced full-flight simulators and award-winning maintenance training at Learning Centers and training locations in the United States, Canada, France and the United Kingdom.

Purpose of Position

The Principal Security Architect is responsible for the design, building, testing, and implementation of security systems within our IT network for both on premise and cloud environments. The principal security architect's responsibilities include reviewing our current security measures, recommending enhancements, identifying areas of weakness, engage on most projects and provide expert security architecture guidance and respond promptly to possible security incidents. The Principal Security Architect will continually monitor our security posture and determine areas of needed security enhancements. A qualified principal security architect must be experienced in all aspects of information security controls and IT infrastructure architecture principles. Must also possess strong interpersonal and communication skills and be able to lead and work with a wide variety of people.

Tasks and Responsibilities

• Establish a thorough understanding of the organization's technology and IT systems.
• Plan, research, and design security architectures
• Develop, review, and approve the installation requirements for LANs, WANs, VPNs, routers, firewalls, and related network devices
• Design and validate cloud architecture and controls
• Develop project timelines for system upgrades and preparing cost estimates
• Test the final security system and update and upgrade it as needed
• Establish disaster recovery procedures and conduct security breach drills
• Respond quickly and effectively to all security incidents and provide post-event analyses
• Monitor and guide the security team, cultivating a sense of security awareness, and arranging for continuous education
• Remain up to date with the latest security systems, standards, authentication protocols, and products
• Establish overall secure systems & applications architecture and designs based on industry control frameworks, standards and security best practices
• Provide security subject matter expertise on new initiatives to ensure positive security outcomes are delivered, including the early definition of security controls required, definition and implementation of clear secure development design principles
• Evaluate system changes across the organization to assess and document the security risk and impact
• Work with system engineers to understand and implement continuous improvement processes, automation, system upgrades and rollouts
• Continually evaluate systems’ security capabilities, risks, and exposure to security threats, documenting risks and offer remediation advice to enhance or apply mitigating controls
• Identify opportunities to standardize and simplify security technology stack by leveraging native cloud capabilities where possible
• Collaborate with the Security Operations team in the assessment of new technologies and products for IT and business solutions
• Participate in the scheduling, testing, and implementing of enhancements or new releases with the security stack
• Partner with teams across IT on active or emerging threats
• Stay informed and tuned to security industry trends, emerging threats, vulnerabilities, & emerging technologies
• Provide leadership on highly complex projects
• Capable of making independent decisions or representing leadership at times.
• Develop, coach, motivate, energize and inspire fellow Flight Safety team members
• Build organizational talent by creating a learning environment that ensures employees realize their highest potential
• Support the budgeting, reporting, forecasting and cost models for security architecture service offerings
• Support the Director – Security Architecture in developing the budget projections based on short- and long- term goals and objectives

Minimum Education

• Bachelor’s Degree or equivalent education in Computer Science, Information Systems, information Security or other Information Technology-related field.
• CISSP or CCSP certification
• Additional certifications (CISA, CISM)

Minimum Experience

• 10 years related experience in technical security architecture and engineering function, including hands-on experience in:
• Secure Systems architecture & design
• Secure application development practices, DevOps, & SDLC
• GDPR, CCPA, NIST 800-53, NIST 800-171, NIST CSF, OWASP, & PCI DSS Controls
• Secure cloud architecture deployments, Azure & AWS
• Agile, waterfall, & hybrid project methodology
• Demonstrable experience in architecture and engineering principles (e.g. SABSA, TOGAF)
• Demonstrated experience in implementing and managing at least 9 of the following security defenses:
• Web filtering technology
• Network intrusion defense systems
• Intrusion prevention systems
• Endpoint monitoring
• Data loss prevention
• Penetration testing
• Firewalls
• WAF
• Vulnerability scanning tools
• Security Information and Event Management
• Network tabs, traffic aggregators and filters
• Forensic investigations and relevant tools
• Policies, standards, procedures and other forms of documentation
• Identity management tools, AD, LDAP, web front end and virtualization
• Application code vulnerability scanning (dynamic & static) and application security
• Cloud architecture, security controls, secure configuration, and deployment
• User security training and awareness
• Expert-level knowledge of security principles and technologies
• Experience with security automation and orchestration
• Experience with CI/CD pipelines and secure DevOps
• A sound understanding of emerging threats and industry trends

Knowledge, Skills, Abilities

• Provide technical security architecture guidance and oversight to ensure increased security architecture maturity
• Articulate issues, risks, and proposed solutions to various levels of staff and management
• Contribute to the development of the security strategy, policy and service delivery objectives and best- practices for the design and delivery of security architecture services
• Develop processes, standards, guidelines and policies for the implementation and maintenance of security architecture principles within projects
• Manage multiple enterprise-wide programs simultaneously
• Proficient knowledge of the organization’s mission, values and strategic goals to their work
• Expected to present information in writing, email, PowerPoint and other forms of documentation.
• Expected to work with employees from all areas of IT and maintain a good working relationship with them.
• Proficient with interacting with multiple levels and roles within the organization and shall have the ability to apply different strategies to convince others to change their opinions or plans.
• Regularly report to the Director Security architecture and CISO office using KPIs and other metrics to clearly reflect accomplishments and progress over time
• Demonstrate process-oriented approach with high attention to detail
• Excellent critical-thinking and organizational skills
• Proficient interpersonal skills with the ability to interact professionally with all levels within the organization
• Ability to work successfully with a diverse set of individuals and constituencies, and to be adept at advocating for, recommending and building consensus around suggested improvements
• Ability to work creatively and analytically with others in a problem-solving environment
• Ability to think both strategically and tactically in a high energy, fast paced environment
• Ability to exercise sound judgement, problem solve, and make decisions in complex situations
• Ability to communicate verbally and in writing within all areas and at all levels of the organization

Physical Demands and Work Environment

The physical demands and work environment described here are representative of those that must be met and/or encountered by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

FlightSafety is an Equal Opportunity Employer/Vet/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or disability.