Bed, Bath, and Beyond (BBBY) is adding a Cyber Security Architect to its Information Security department. The Cyber Security Architect will be responsible for the planning, development, and implementation of enterprise information security solutions (such as authentication and authorization, network, data protection, cloud security, shared enterprise infrastructure services, and security event information management) to address the current and emerging security needs of the business. This role requires the solution of complex enterprise-scale information security problems. The role will design and develop new technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. The person in this role will contribute to the execution of strategic information security architecture to enable effective business operations, manage enterprise risk, and address business or regulatory issues.
- Serve as architect and subject matter expert for securing our GCP cloud infrastructure, supporting automation, and end-to-end architecture for IaaS, PaaS, and SaaS solutions.
- Ensure that the architecture and solution incorporate “Zero Trust” and “Secure by Design” framework upon deployment.
- Design and implement “Zero Trust” strategy and architecture.
- Responsible for providing security guidance to other team members in their design, implementation and support of new cloud architecture and automation technologies, as well as updates and maintenance of existing cloud and automation systems
- Work closely with other teams to develop and promote security architectures to protect microservices, serverless, containers, application development and operations practices
- Advocate, document and define security architecture vision from a strategic perspective, including internal and external platforms, tools, and systems
- Contributes to the security of enterprise data and systems by developing enterprise information security solutions.
- Creates and updates a view of IT assets, related attack surfaces, and threat actors to illustrate the flow of data and associated security threats.
- Research, design, and develop new enterprise technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors.
- Drive deep architectural discussions in a collaborative fashion to ensure solutions are designed for successful, automated deployment in the cloud, vendor, and on prem environments
- Assist in the development of security technology roadmaps and end-of-life technology plans.
- Contribute to, interpret, and disseminate information security policies, standards, and promote awareness of these artifacts to technical component owners.
- Ensure compliance to information security practices & standards to reduce the likelihood of breaches, audit findings, regulatory, and legal liabilities
- Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks and contributes to the development and maintenance of information security architecture.
- Engages with security specialists and other functional area architects to ensure adequate enterprise security solutions are in place to sufficiently mitigate identified risks, and to meet business objectives and regulatory requirements.
- Responds to escalated cybersecurity issues for enterprise systems; facilitates advanced diagnosis and troubleshooting when necessary.
- Bachelor's degree (or higher with a concentration in Information Technology or a related discipline) or equivalent work experience.
- 7+ years of information technology and information security experience
- Direct experience architecting and securing solutions deployed in public and private cloud environments: Google Cloud required, AWS, and Azure environments, etc.
- Direct experience with infrastructure and security technologies including storage technologies, certificate authorities, cloud access security brokers, network access control, virtualization, containers, identity and access management technologies, etc.
- A working understanding of architecture-level information security and appropriate use enforcement technology solutions including advanced malware detection/prevention, mobile device virtualization/MDM, cloud security management, structured and unstructured database encryption, mobile application and remote API security, fine-grained application authorization and access control, security event visualization, big data user and entity behavior analytics, active adversary deception, and others.
- Experience working with ISO 27001, NIST, CSA, OWASP, SANS, ITIL, and related information security frameworks.
- Two or more information security certifications preferred, or willingness to earn within 12 months of joining (CNDA, GDSA, CISSP-ISSAP, CISSP, CISM, CCSP, CCSK, CEH, GIAC, CIAM, CIGE, CIMP, CAMS, or equivalent)
- Google Professional Cloud Architect certification and various Google Profession Cloud Engineer certifications desired.
- Ability to provide effective leadership and be a subject matter expert for information security topics
- Employ influencing skills to obtain buy-in and participation from various groups and stakeholders without direct control.
- Build and maintain collaborative relationships with business partners, service providers, and peers.
- Ability to effectively communicate information security topics and associated risks at different levels of the organization.
- Excellent problem-solving abilities and analytical skills including the ability to see the big picture with a high attention to critical details.
- Results oriented and able to achieve desired outcomes independently regardless of priority level.
- Clear verbal/written communication skills
- Ability to effectively led projects from initiation to completion
An Equal Opportunity Employer
It is the policy of Bed Bath & Beyond Inc. to recruit, hire, train, promote, transfer and compensate our associates and provide all other conditions of employment including Company sponsored events without regard to race, color, creed, religion, national origin, age, sex, gender identity, genetic information, marital status, lawful alien status, sexual orientation, physical or mental disability, citizenship status, veteran status, employment status or any other basis prohibited by applicable law.
Apply on company website