Meet our Team
Hitachi Vantara seeks a passionate and talented Principal Cloud Security Architect to join our Enterprise Security team and partner with Hitachi Vantara business groups to best understand the organization's needs and how they relate to our global information security posture. In this role you will report to the Director, Security Architecture and will be responsible for executing security related projects and programs.
You will be working very closely with the IT and product teams to assess our security, make recommendations, and suggest solutions. The individual will be responsible for uncovering security flaws in a diverse set of technologies. As part of that role, the individual will communicate observations to the Enterprise Security and Product Engineer teams, endeavor to meet Engineers' expected outcomes, and ensure the timely delivery of project milestones.
The right individual will have the opportunity to guide our IT and Product Engineers' long-term security strategy and contribute to the overall growth and maturity of Hitachi Vantara services. The candidate will act independently, as well as collaboratively with engineers, peers, partners, and managers from IT and multiple organizations to ensure technical excellence and satisfaction. This includes identifying People Process and Technologies synergies between the different parties to be integrated, identifying eliminating redundancies, and proposing a resource plan, coordinating the dependencies and efforts of IT team members, internal business partners and third party contractors or consultants in order to deliver projects according to plan.What you'll be doing
What you bring to the team
- Develop and communicate risk and threat-based plans to drive project priorities using industry accepted risk assessment and threat analysis methodologies
- Be a master of identifying security design gaps in existing and proposed architectures and recommend changes or enhancements
- Engage at all point of Software Engineering project to ensure Security controls and proper risk management practices are implemented including secure coding, code review, code application scanning as part of the quality process
- Lead root cause analysis processes based on information about the engineering groups processes, technology, and maturity.
- Develop and present on remediation and mitigation plans to address systemic issues and root causes identified during and between projects
- Lead cross functional project calls and planning sessions
- Communicate across functional areas and update project statuses to keep project teams informed of progress and/or significant changes
- Demonstrate ability to successfully distill complex technical information into clear, concise yet comprehensive communication material
- Understand the fundamental company security and risk management strategy and be able to apply that as fundamental pillar of the transformation strategy.
- Minimum 7 years of security engineering experience including a fair degree of security and compliance technical knowledge
- Experience with securing public cloud deployments and distributed systems using public cloud hosting, including GCP, AWS or Azure
- Conduct penetration testing across Hitachi Vantara products and services hosted on public cloud environment (Azure, AWS and GCP) and/or infrastructure
- Conduct Penetration testing of Kubernetes native and migrated applications and services
- Conduct Penetration testing of data lakes and big data products and service offerings
- In depth knowledge of threat model, network security, cryptography, authentication and authorization.
- Experience with implementing common security frameworks and controls in highly automated environments, especially in CI/CD environments
- Strong understanding of application security patterns including web application security (OWASP top 10, XSS, injection vulnerabilities, CSRF, platform security hardening), and mobile security (device fingerprinting, Mobile authentication and key exchange) strategies
- Expertise in developing and implementing one or more of the following: Identity and Access Management, SSO, SAML, Open ID, OAuth2 or 2FA technologies
- An ability to script or customize attack code as needed is a plus
- Ability to assist in coding of custom automations of security tasks is a plus
- Strong understanding of risk management and information security theory and practical application.
- Demonstrated ability to solve complex problems with expertise and ingenuity.
- Able to communicate risks and recommendations to Senior Leadership and management
- Demonstrate leadership, including the ability to influence all levels of management towards a common goal
- Ability to facilitate meetings with strong presentation skills and ability to quickly discern differing points of view versus derailing points of view
- CISM, CISSP, CISA highly desired
- Excellent computer proficiency including MS Office - Word, Excel, Outlook, SharePoint
- Travel may be required - less than 25% both domestic and international
Hitachi Vantara is part of the Global Hitachi family. We balance innovation with an open, friendly culture and the backing of a long-established parent company, known for its ethical reputation. We guide customers from what's now to what's next by unlocking the value of their data and applications to solve their digital challenges, achieving outcomes that benefit both business and society.
Our people are our biggest asset, they drive our innovation advantage and we strive to offer a flexible and collaborative workplace where they can thrive. Diversity of thought is welcomed and our employee base is represented by several active Employee Resource Group communities. We offer industry leading benefits packages (flexible working, generous pension and private healthcare) and promote a creative and inclusive culture. If driving real change gives you a sense of pride and you are passionate about powering social good, we'd love to hear from you.Our Values
Research tells us that some applicants, especially those from underrepresented groups, can be put off from applying for roles if they need flexibility or feel they don't meet all of the set criteria. We strive to create an inclusive environment for all and are open to considering home working, compressed/flexible hours and part-time arrangements. Get in touch with us to explore how we might be able to accommodate your specific needs.
We are proud to say we are an equal opportunity employer and welcome all applicants for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status. With Japanese roots going back over 100 years, our culture is founded on the values of our parent company expressed as the Hitachi Spirit:
Wa - Harmony, Trust, Respect
Makoto - Sincerity, Fairness, Honesty, Integrity
Kaitakusha-Seishin - Pioneering Spirit, Challenge