Security Architecture

**Location: Monterrey or Matamoros, Mexico**:** Applications from persons not living in Mexico will NOT be accepted.**The Information Security Architect provides expert guidance for addressing current security issues and must have the foresight to see where the industry is headed and proactively deliver solutions that are secure and optimized for the business. The architect is expected to think like an adversary and identify how solutions should evolve as the threat landscape changes. A senior-level role, the architect possesses strong communication and organizational skills, and the ability to guide less experienced coworkers. The architect provides technical leadership to delivery and solution design team members.Throughout the roles key responsibilities, the Information Security Architect must always consider opportunities to integrate security practices within earlier phases of IT and business processes to identify potential risks as soon as possible, reduce remediation costs, and avoid unnecessary re-work.At times, the architect acts as a liaison with business stakeholders to understand the strategy and execution outlook.**Essential Job Duties**- Support the ability to shift left and incorporate security early and throughout project and development lifecycles.- Possess a DevOps focus across technology and security architecture, automation, integration, and distribution. Simplify and automate activities to enhance efficiencies and conformity.- Consistently learn and share advanced skills and practices that promote team excellence. Drive security efficiencies, enabling security team members to work on more advanced tasks.- Perform engineering performance testing to stress the limitations of security solutions while at the same time ensuring business innovation and day-to-day processes are not negatively impacted.- Build relationships with key stakeholders to incorporate security principles into design and deployment processes.- Serve as a point of contact for security-based escalations and remain tightly involved through resolution.- Remain current with new security threats and assess systems to ensure they can defend the business.- Constantly research capabilities of current and new disruptive solutions on the market and make recommendations to security leadership.- Lead and/or participate in the development of security team policies, standards, procedures, and processes.- Influence the planning and execution of incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).- Partner, coach and functionally lead IT, engineering, development, and business teams.- Support implementation, monitoring and operations of information security assets, programs, and projects.- Actively participate and lead security team meetings that facilitate secure design.- Engage in information security projects that evaluate existing security infrastructure and propose changes as defined by security leadership and architects. Additionally, deliver projects on time, within budget and in accordance with service level agreements.- Assist with incident response and system stability issues as they occur. This may include involvement outside of regular work hours, and responsiveness is expected.- Implement solutions observing compliance with applicable laws, regulations, and frameworks, such as NIST SP800-171, ISO 27001, GDPR, etc.- Respond to and handle service and escalation tickets within service level agreements.- Develop security test plans from architectural design. Identify deficiencies and make enhancements to ensure production is not impacted.- Participate regularly in change project and change management**Skills and Experience**- 5+ years experience in information security, including compliance and risk management, with a system and network security engineering background.- Proven deep background (preferred 5+ years in addition to security) in technology design, implementation, and delivery.- Experience in cloud computing technologies, including software-, infrastructure-, and platform-as-a-service, as well as public, private, and hybrid environments.- Excellence in communicating business risk from cybersecurity issues.- Experience driving measurable improvement in monitoring and response capabilities at scale.- Highly technical and analytical expertise, with a proven deep background in technology design, implementation, and delivery.- Skilled in meeting vulnerability and penetration testing requirements.- Proven trustworthiness and history of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating well, including the ability to translate technical content into terms understandable by the business.- Experience working in a multicultural environment with colleagues in different countries.- Analytical and problem-solving mindset.- Ability