Today’s Best Western has been on a journey of incredible transformation, elevating our brand image, improving the guest experience and enhancing our organizational culture. Today, this culture of modernization and innovation is embraced by our more than 1,000 corporate employees, many of whom have stayed with Best Western for 10, 20, even 30+ years. We are proud to have created a work atmosphere that provides an exciting, fun and rewarding place to work every day.
You are a forward-looking IT security architect seeking an opportunity to have a real impact on a company’s information security future. You have a strong foundation of implementing information security initiatives and designs, combined with leadership ability, and you desire a chance to be on the front lines of IT security for an international company. In short, you seek an opportunity to help propel a company’s security structure to the next level. At Best Western, in Phoenix AZ, we want to empower a new Security Architect to work with a strong team of other architects, engineers and analysts to do exactly that. You will design new system architectures with a security-related focus across all sectors of the company. Capitalizing on your creativity will positively influence the outcome of your projects. Keeping up with relevant technologies and contributing your voice for security will drive innovation and unite company efforts for consistent system security. You will be a crucial part of our business as we move forward. As our Security Architect you will ensure the confidentiality, integrity, and availability of company data and information technology assets by leading information security policy enforcement and risk management activities. If this sounds like the challenge you seek, apply today!
Your role will include:
- Providing security architecture guidance in support of application development and infrastructure projects.
- Guide product teams migrating to AWS with security controls and design changes needed in the cloud.
- Working closely with technical managers and leads to ensure solution security is properly addressed in all phases of development projects;
- Performing architecture reviews and code reviews to ensure adherence to security standards and regulatory requirements.
- Conducting software security assessments using dynamic analysis tools such as Zed Attack Proxy, and BurpSuite.
You will bring to the table at least 5 years of experience in information security in a large-scale environment or 5 years of software development including time at an architect level and demonstrable understating of security principles and practices, with strong knowledge of vulnerability assessment, SIEM, and intrusion detection methodologies. You will have strong communication skills including the ability to communicate effectively with non-technical people. Ideally, you will have a CISSP, CISA, SANS certifications, CEH or related information security experience. Additionally, you will have experience or knowledge in the following areas:
- Working knowledge of all aspects of information technology including information security, programming, networking, UNIX and Windows administration
- Certification in one or several of the following CISSP, SSCP, SANS, CEH, or other industry-leading information security certification
- Secure SDLC process to develop and design effective technology solutions
- Demonstrated experience in the design and assessment of application and mobile secure coding programs
- Experience in IT security concepts and technologies such as: identity and access management, PKI, multi-factor authentication, role based access control (RBAC), LDAP directories (schema and DIT design)
- Experience with credit card security requirements and data privacy regulations such as PCI and Safe Harbor as well as industry best-practices such as COBIT, ITIL, and NIST
- Cloud security concepts (SaaS, PaaS, IaaS), mobile architecture, network and application security and/or data protection
- Utilization of security technologies, including firewall, IDS/IPS, vulnerability management, WAF, WiFi, mobile security, DLP, digital certificates, encryption and authentication techniques, relational databases, middleware applications, collaboration and document management solutions
- Experience in AWS or other public cloud infrastructures
All your information will be kept confidential according to EEO guidelines.