Information Security Architect - Remote
Best Western Hotels & Resorts is a leading, global hospitality network comprised of three hotel companies, including WorldHotels® Collection, Best Western® Hotels & Resorts and SureStay Hotel Group®.
Best Western is seeking an IT Security Architect with a vision for the future. You will work with an amazing team of analysts, system engineers and architects to propel Best Western's IT security to a new level. Design system architectures with a security-related focus across all sectors of the company. A successful candidate will be comfortable working with diverse teams across our dynamic organization to enable business while promoting security.
Capitalizing on your creativity will positively influence the outcome of your projects. Keeping up with relevant technologies and a contributing voice will help set the direction of the group and drive innovation to unite company efforts for consistent system security.
As a Best Western IT Security Architect, you will ensure the confidentiality, integrity, and availability of company data and information technology assets by leading information security policy enforcement and risk management activities. Your education and 5+ years (preferred) InfoSec experience will serve as a solid foundation as you tackle this position with gusto.
Your leadership activities will include:
· Providing security architecture guidance in support of application development, cloud, and infrastructure projects.
· Working closely with technical managers and leads to ensure security is properly addressed in all phases of development projects.
· Performing architecture reviews and code reviews to ensure adherence to security standards and regulatory requirements.
· Conducting software security assessments using dynamic analysis tools such as VeraCode, Zap, SonarCube, and BurpSuite.
· Design and implement Security Testing used in Automated Deployment Pipelines
Your strengths and experience in the following areas will make you the perfect fit for this position:
· Certification in one or several of the following CISSP, SSCP, SANS, CEH, or other industry-leading information security certification
· Secure SDLC process to develop and design effective technology solutions with a focus on automation
· Experience with DevSecOps and representing security perspectives within integrated teams.
· Familiarity with common Software Vulnerabilities (SANS 25, OWASP) and ways to avoid and prevent them
· Training software development teams on secure coding practices
· Demonstrated experience in the design and assessment of application and mobile secure coding programs
· Working knowledge of all aspects of information technology including information security, programming, networking, UNIX and Windows administration
· Experience in IT security concepts and technologies such as: identity and access management, PKI, multi-factor authentication, role-based access control (RBAC), LDAP directories
· Experience with credit card security requirements and data privacy regulations such as PCI as well as industry best-practices such as COBIT, ITIL, and NIST
· Experience with Privacy Regulations including GDPR, CPRA, CPA, CPDP, MOCPA
· Cloud security concepts (SaaS, PaaS, IaaS), mobile architecture, network, and application security and/or data protection
· Experience with AWS cloud native security tools including Config, Security Hub, Cloud Trail
· Experience working with cloud infrastructure and Infrastructure as Code (IaC) using Terraform and Cloud Formation
· Utilization of security technologies, including firewall, vulnerability management, WAF, DLP, digital certificates, encryption and authentication techniques, relational databases, middleware applications, collaboration, and document management solutions
- This is a remote/home office position within the U.S.
- The starting salary for this role is estimated to be between $121,900 and $160,000. Base pay, however, will be determined based on several factors, which include but are not limited to, applicable skills, work experience, education, business needs and market demands.
Benefits Summary for Full Time Employees (work 30 + hours per week)
Available Day One:
* Vacation/Sick/Floating Holidays - accruals start
* 401K - company match and direct contribution
* Employee discounts/Hotel discounts
* Financial and health wellness programs
Equal Employment Opportunity
Best Western maintains a policy of equal employment opportunity for all employees and qualified applicants for employment without regard race (including hair textures and hair styles associated with race), color, religion, religious creed (including religious dress and grooming practices), national origin, ancestry, alienage or citizenship status, age, disability, gender, gender identity or expression, sex, sexual orientation, pregnancy status, genetic information, uniformed service or veteran status, marital status or any other characteristic protected by applicable federal, state, provincial, or local laws. Best Western’s equal employment opportunity policy applies to all aspects of employment with Best Western, including but not limited to, hiring, promotion, transfer, benefits, discipline and termination.
Job Status: Full Time
Job Reference #: R3926