Enterprise Security Architect - Location Flexible
Role Description
Protecting Dropbox and our Corporate Infrastructure is critical to being worthy of trust. Here at Dropbox we are looking for an Enterprise Security Architect, within our Information Technology and Services (ITS) group. As the architect, you will partner closely with various key internal teams across the organization to help us create and build world class solutions that are highly secure and forward thinking to increase our security posture through industry best practices and new innovative thinking. You will be key to the development of Dropbox’s next generation enterprise security solutions that include infrastructure, workload, network, identity, SaaS, IaaS, and endpoint. As Dropbox leads the way in being a virtual first company, you will be responsible for establishing a new Zero Trust model and executing on a multi year execution strategy.
Responsibilities
- Own the strategy and roadmap for minimizing corporate security posture and develop communication plans to inform senior leaders of progress and challenges.
- Own the strategy and execution for Zero Trust across ITS and partner with the security team to design solutions that pair with production systems.
- Work closely with subject matter experts to develop and deliver a complete security architecture solution for assigned projects, often covering an entire Domain
- Produces high-quality security architecture specifications, white papers, technical documentation, roadmaps and presentation materials
- You will collaborate and create security practices and standards based on industry standards
- You will partner with both the Dropbox Security and Compliance teams to assess, negotiate, confirm the definition of done and work with ITS teams on identified items
- Lead multiple Security-related projects and work streams
- You will be expected to stay knowledgeable of current advances in all areas of information technology concerning vulnerabilities, security breaches or malicious attacks
- Continuously evaluate communication security, data vulnerability, and compliance.
- Identify vulnerabilities or weaknesses in systems
- Ensure that controls are adequate to protect sensitive information systems
- Report to leadership on IT system vulnerability and protection against malware and hackers
- Clearly document and define risks and potential impacts along with the statistical probability of such an event and identify systems affected by the defined risk
- Make recommendations for improvements in network, identity and access & identity management, and infrastructure based on current industry standards
- Lead, mentor, and train team members on security
Requirements
- Deep understanding in the following areas:
- Identity & access management
- Device/Endpoint trust
- Encryption
- Networking
- SaaS access control
- Authentication methods
- Strong experience with AWS architecture, including migration methodologies
- Experience with NIST framework
- Experience with CIS Controls
- Experience with Zero Trust
- Experience with Okta, Active Directory, Azure AD
- Strong understanding of VPN & DMZ architecture
- Excellent verbal and written communication skills and the ability to communicate ideas visually and create professional presentations
- Communicate effectively with Technical, Business and C Level stakeholders
- Strong interpersonal skills with the ability to effectively communicate and relate ideas to others and work collaboratively to get things done.
- Understanding of security and governance needs in large enterprises
- Understanding of security in API architecture
- Understand of SaaS Identity, Access, and Privileged Access