Information Security Architect

About the Role

The Information Security Architect designs the framework of our security infrastructure and helps set the vision for cybersecurity systems. You will act as a technical expert, assessing potential systems and process vulnerabilities to determine security infrastructure requirements, and develop policies and procedures to prevent unauthorized access. You will educate and communicate security requirements and procedures to all users, and recommend and implement changes to enhance systems security and prevent unauthorized access.

What Youll Do

• Design and implement controls to ensure compliance with regulations and privacy laws. Ensure compliance with all applicable configuration standards.
• Assist with management of SOC2 audits as well as other compliance audits.
• Participate in the Security on-call rotation.
• Respond to emergencies and ensure we are acting in accordance with our documented policies and procedures.
• Research security trends, new methods, and techniques used in unauthorized access of data to preemptively eliminate the possibility of system breach. Recommend security controls and/or corrective actions for mitigating technical and business risk.
• Provide guidance and direction on best practices for the protection of information.
• Research trends and methods of compliance with current and emerging privacy regulations.
• Plan, develop, and execute security measures for Airship’s information systems.
• Update and maintain the security baseline.
• Manage enterprise security assessments and configuration assessment tools.
• Produce security metrics and reporting to demonstrate assessment coverage and remediation effectiveness.
• Assist sales and account managers with customer inquiries about Airship’s security.
• Assess third-party vendors and their associated risk.

What Were Looking For

• 4-6 years experience in the field of Information Security
• One or more industry certifications (CISSP, CCSP, OSCP/E/etc, GCIA, etc.)
• Proficient in at least one of the following scripting languages; Python, Java, Bash/shell, Ruby, PHP, etc.
• Experience with a public cloud, preferably Google Cloud Platform (GCP)
• Working knowledge of how to protect and operate MacOS, Linux, and Windows systems
• Experience with helping companies obtain or audit compliance/certification with standards such as SOC2, ISO, HIPAA, etc.
• Excellent spoken and written communication skills
• Strong attention to detail
• Ability to diagnose and squash technical debt
• Understanding of how to explain security to people with different technical abilities and backgrounds

Work Location & Travel Requirements

Airship’s ‘Digital First’ approach to work means that for the majority of our roles, work can be performed remotely, either some or most of the time. Airship believes that flexible work contributes to a more productive and more equitable work environment, and that Airshippers are able to collaborate, innovate, and support one another across different locations and timezones.

Some roles may require that employees perform their work from a specific location to support business activities, and/or be within proximity to an Airship office location or customer or partner locations, while other roles can be performed 100% remotely. 

This position is fully remote and may require up to 10% travel based on business needs or as requested by your manager.

Compensation

Airship’s compensation is determined by a variety of factors including market data, business needs, and geography. Base pay is part of your total compensation package and is dependent on multiple factors, including: relevant skills, work experience, business priorities, market demands, and location. 

The starting base pay range for this position is: $123,000-$155,000 USD per year. Some roles may also be eligible for commission, bonus, or other performance incentives. Airship believes that employees should have the opportunity to benefit from value-creation, so equity is also offered with this role. In addition, Airship offers a robust benefits package as part of our Total Rewards approach to compensation.

 

California residents can view the CCPA disclosure notice here.