Associate Data Security Architect :: REMOTE - ARK Solutions, Inc.

Bethesda, MD 20814

About the Job

Ark Solutions Inc is looking for Associate Data Security Architect!

Position: Associate Data Security Architect
Location: REMOTE
Duration: 12+ Months and possibility of extension

Description:
We are seeking a highly skilled Data Security Architect with extensive experience in securing Data Lakehouse environments. The ideal candidate will have a deep understanding of data security principles, best practices, and the ability to implement robust security frameworks. Experience with Snowflake and other cloud-based data platforms is highly preferred.

Day-to-day Responsibilities:

Design & Implement Security Frameworks: Develop and implement comprehensive security architectures for Data Lakehouse environments, ensuring data integrity, confidentiality, and availability.
Snowflake Security Expertise: Leverage expertise in Snowflake to design and enforce security policies, access controls, and data protection mechanisms within the platform.
Data Governance: Collaborate with data governance teams to ensure that data management practices comply with regulatory requirements and industry standards.
Threat Modeling & Risk Assessment: Conduct threat modeling, risk assessments, and security reviews to identify vulnerabilities and implement appropriate countermeasures.
Access Management: Design and implement role-based access controls (RBAC), ensuring that access to sensitive data is restricted based on the principle of least privilege.
Encryption & Data Masking: Implement and manage encryption standards and data masking techniques to protect sensitive information in transit and at rest.
Secure PII Data: Design and engineer security safeguards for PII data
Security policies: Define, create, implement, and maintain corporate security policies and procedures
Pattern Development: Use Security best practices, develop security and data protection patterns, working with Enterprise Architecture for pattern standardization
Collaboration: Work closely with IT, data engineering, and analytics teams to ensure security requirements are integrated into data pipelines and data storage solutions.
Compliance & Audits: Ensure compliance with relevant data protection regulations (e.g., GDPR, CCPA) and participate in internal and external audits.
Continuous Improvement: Stay current with emerging security trends, threats, and technologies. Continuously refine security architectures to address evolving risks.
Contributes to, evaluates, and supports the documentation, and validation processes necessary to assure that associates, information technology systems and business processes meet the organization's information assurance, security, and privacy requirements. Ensures appropriate treatment of risk, compliance, and assurance of internal policies and external regulations.
Defines strategy and roadmap, provides guidance, creates standards and guidelines, and reviews architectural designs. Ensures standards and guidelines incorporate legal and regulatory requirements.
Conducts security and privacy technology research, assessments, and integration processes; provides and supports a prototype capability and/or evaluates its utility.
Consults with customers to gather and evaluate functional requirements and provides security and privacy requirements, guidelines, and standards.
Provides sound advice and recommendations to leadership and staff on relevant topics within the pertinent subject domain.
Applies knowledge of priorities to define an entity's direction and identify programs or infrastructure that are required to achieve desired goals within domain of interest. Develops policy or advocates for changes in policy that will support new initiatives or required changes/enhancements.
Works with the Security Architect Analysts to monitor ongoing project activities, intake of new projects and monitoring of the Security Engagement Process including but not limited to: Data Classification, Security Controls, Threat Models, Architecture Review Boards, Authority to Operate.

Qualifications:

Education: Bachelor's degree in Computer Science, Information Security, or a related field. A Master's degree or professional certifications such as CISSP, CISM, or SANS GIAC are preferred.
Experience: Minimum of 5 years of experience in application security and DevSecOps roles or a related field, with a proven track record of developing and managing security architectures for complex applications.
Technical Skills:
- Deep understanding of data security principles, encryption techniques, and secure data storage practices.
- Hands-on experience with Snowflake security features, including access controls, encryption, and data masking.
- Familiarity with other cloud-based data platforms (e.g., AWS, Azure, Google Cloud).
- Proficient in security frameworks such as NIST, ISO 27001, and CIS Controls.
Communication Skills: Excellent verbal and written communication skills, with the ability to communicate complex security concepts to a variety of audiences, including technical and non-technical stakeholders.
Problem-Solving Skills: Strong analytical and problem-solving skills, with the ability to handle complex security issues and quickly adapt to changing environments.
Leadership: Demonstrated leadership abilities, with the capacity to lead cross-functional teams and drive projects to completion.
Self-Management: Ability to effectively prioritize and execute tasks in a high-pressure environment.

Agile methodologies: Familiarity of SAFe Agile Methodologies

Source : ARK Solutions, Inc.