IHS Markit Senior Security Architect in Greenville, South Carolina
In this senior role you will be responsible for developing security standards, assessing risk, and reviewing product architectures in VMware on AWS Cloud (VMC) and other cloud or hybrid environments. You will partner with other members of global Information Security and internal stakeholders to perform security assessments, threat modeling and inform the design of performant, resilient and compliant VMC, cloud-native, and hybrid architectures.
You will engage with product management, development, architecture, and information technology partners to ensure security is designed into all initiatives from the outset.
Developing and updating security standards for hosted environments including VMC, AWS and other cloud environments
Proactively engaging with product teams to assess migration plans and designs to ensure security requirements are accounted for
Partner with the Office of the CTO (OCTO) enterprise architects to streamline and validate their architectural assessment with expertise in security architecture, regulatory compliance, resiliency and disaster recovery
Proactively identify and document technology risks to the enterprise across the cloud (VMC primary; AWS, Azure or GCP secondary) environments and make recommendations to the information security leadership and engineering teams for mitigating and/or compensating controls
Design and develop security solutions that augment and expand current tooling
Reporting to the head of Information Security Architecture and Engineering, you will build and execute on a backlog of strategic and tactical work items related to the securing of our product platforms. You will primarily be working with VMC but may have exposure to AWS native, Azure and GCP. You will work directly with product teams, enterprise architects, IT, and others to assess architectural designs, technical implementations, standards documentations and other work products as they relate to security, compliance and resiliency. You will manage security standards documentation, drive automation and reporting, and assessment of control implementation. You will make recommendations to harden IHS Markit’s security posture and proactively identify risks and potential mitigating or compensating controls.
What will you be doing in addition to the above:
Partnering with security engineering teams to design internal security systems as they relate to automation, GRC, threat intelligence and CI/CD tooling
Leveraging your extensive experience to define and drive adoption of security standards, processes, tools, and automation to protect and support the needs of our products and services
Contributing to broader strategic discussions concerning standards, policies, technology, and processes, bringing your ability to bear in improving the overall security posture of the organization
Driving KPI/KRI metrics and reporting framework to measure the efficiency and effectiveness of the controls under management
Partnering with key stakeholders to ensure that security design principles are implemented and operationalized in support of policies and standards
Keeping abreast of latest technologies and innovations in security and monitor industry trends and threats
What are we looking for:
Minimum of five years’ experience working with VMware, vSphere, NSX, VMC related technologies in a large scale, highly automated, enterprise setting from an architectural perspective
Minimum of five years’ experience in Information Security to include increasing leadership experience
Minimum of three years’ working with AWS in a deeply technical capacity
Strong architectural, technical and business analysis knowledge, this resource should be able to seamlessly and proactively engage with business partners to perform assessments and inform key security design considerations with minimal supervision
A natural ability to simultaneously use your technical experience, strategic mindset, and people skills
Comfortable working with teams and automated CI/CD pipelines and delivery of resilient and performant architectures in a SecDevOps model
Knowledge of cloud networking architecture, identity, cloud operations, security, automation, and orchestration
Strong understanding of technical security controls, including end-user, office, and data center environments, with a verifiable understanding of threats, vulnerabilities, and mitigation techniques in cloud, on-premise, and hybrid environments
Excellent organizational, research, and verbal/written communication skills, with a proven ability to effectively engage partners, clients, and individual technical and business staff
Strategic thinker, keeping big picture in mind while ensuring execution excellence
Ability to prove security experience via certifications
Self-motivated and willing to take on challenges while adapting to an ever-changing global threat landscape and internal/external partner operational environment
Familiarity in a variety of industry and regulatory frameworks for cybersecurity, IT and privacy such as ISO 27001, ISO 27017, PCI-DSS, NIST CSF, NIST SP 800-53/ITSG-33, CCPA, GDPR, ITILv3, SOC 2, and SOC 3
Inclusion and diversity are critical to the success of IHS Markit, and we actively encourage applications from people of all backgrounds. We are committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, status as a protected veteran, or any other protected category. For more information on the many ways in which we enthusiastically support inclusion and diversity efforts for both candidates and employees, please access our Inclusion & Diversity Statement here.
We are proud to provide reasonable accommodations to applicants with disabilities. If you are interested in applying for employment with IHS Markit and need special assistance or an accommodation to use our website or to apply for a position, please contact (Accessibility@ihsmarkit.com) or call +1 212 849 0399. Determination on requests for reasonable accommodation are considered on a case-by-case basis. This contact information (email and phone) is intended for application assistance and accommodation requests only. We are unable to accept resumes or provide information about application status through the phone number or email address above. Resumes are only accepted through the online application process, and only qualified candidates will receive consideration and follow-up.
IHS Markit maintains a substance-free workplace; employees may be asked to submit to a drug test (where permitted by law). In addition, as a federal contractor in the United States, the company participates in the E-Verify Program to confirm eligibility to work.
For information please click on the following links:
IHS Markit Business Code of Conduct (https://investor.ihsmarkit.com/static-files/86e1cd0a-429d-4398-9f95-c54d4c2fa1e0) Right to WorkEEO is the Law (https://www.dol.gov/sites/dolgov/files/ofccp/regs/compliance/posters/pdf/eeopost.pdf) EEO is the Law SupplementPay Transparency (https://www.dol.gov/sites/dolgov/files/OFCCP/pdf/pay-transp_%20English_formattedESQA508c.pdf)
If you are currently employed by IHS Markit, please apply internally via the Workday internal careers site.
IHS Markit harnesses deep sources of information, analytics and expertise to forge solutions for the industries and markets that drive global economies. Our company partners with clients in business, finance and government to provide the unrivaled insights and perspectives that lead to well-informed, confident decisions. We call this The New Intelligence. IHS Markit serves more than 50,000 key customers in more than 140 countries, including 80 percent of the Fortune Global 500. We help decision makers apply higher-level thinking to daily tasks and strategic issues across a host of industries and disciplines including energy, finance, automotive, engineering, technology, maritime and trade, aerospace and defense, chemical, and economics and country risk.
Headquartered in London, IHS Markit (NYSE: INFO) is committed to sustainable, profitable growth.