10+ years of application and cloud security experience in an Agile/DevOps and multi-cloud (Azure, GCP, AWS) environments
5+ years of enterprise architecture experience with at least 3+ years of a security architecture role
5+ years working knowledge of at least two of the leading cloud service providers (Azure, GCP, and AWS). Solid understanding of cloud providers’ native security offerings and capabilities, their well-architecture security frameworks, cloud adoption, and migration best practices, and integration security reference architectures
Demonstrated expert level understanding and working knowledge of key security domains: IAM, SSO, OAuth 2.0, OpenID Connect, Federation, PIM, application security testing, threat modelling, data encryption and key management/PKI, security protocols such as HTTPS/TLS/SSH/RDP, network security, endpoint protection, cloud security posture management, cloud workload protection, CASB, SIEM and continuous security monitoring, assessment, and response
Experience working with container technologies (Docker, Kubernetes, Twist lock, red lock) and serverless/microservices architecture in different cloud environments
Strong understanding of SSDLC, DevOps, DevSecOps, and CI/CD pipeline
Strong technical architecture and ability to work across all LOBs with all levels to build and ensure sound security architecture
Strong communication and interpersonal skills; capable of understanding business needs and translating them into architectural standards/diagrams; able to translate complex data and architectural concepts and principles into easily understanding information by LOBs; ability to design and deliver architectural presentations to IT, senior leadership, and business partners
Have critical thinking and take an analytical and logical approach to problem-solving. Must be able to frame and recommend security solutions that are best for ISL and their clients, even where that may not be technically “best practice”.