Job Summary
The CyberSecurity Architect DPP will design and enhance secure cloud solutions for enterprise initiatives using AWS Key Management Service and related security capabilities. The role focuses on building scalable protection for data in motion and at rest, enabling resilient digital platforms, and supporting critical services such as cards and payments, while operating in a hybrid work environment for a global organization.
Responsibilities
As a member of the Applied Cryptography team and Data Protection Security Architects, the Cybersecurity Engineer will design and implement data security solutions, along with preparing enrollment/integration documentation for the enablement of various Visa applications into data security solutions
Perform Data Protection Security Architecture Reviews covering secure architecture and design principles, acting as SME for all data security architecture solutions and principles
Be a Data Protection Engineering team member working on the implementation/optimization of Data Protection Solutions, Web Services and Web applications across Visa
Implement and integrate Key Management, Data Protection and PKI solutions on AWS with quick turnaround time
Engage in the initial POCs and Implementations of data protection solutions
Basic understanding of security architecture and threat modelling
You'll be working on enabling/building data security solutions on various platforms and technologies, which protect the applications' data from various attacks
Development and continuous engineering of the Data Protection and Cryptographic Solutions, including Key Management Solutions
Be responsible for data protection solution engineering tasks and data protection security architecture reviews
5 or more years of work experience with a bachelor's degree, or more than 2 years of work experience with an Advanced Degree (e.g. Masters, MBA, JD, MD)
Preferred Qualifications
Strong knowledge of and hands-on experience with the AWS Cloud Platform
Strong knowledge of and hands-on experience with Cloud Data Protection and Key Management implementations on AWS
Strong knowledge of and hands-on experience with AWS KMS management and AWS Secrets Manager
Strong knowledge of and hands-on experience with Cloud PKI/CA implementations on AWS
Strong knowledge of and hands-on experience in enabling encryption on Cloud Native Services such as S3, EC2, EBS, RDS
Knowledge of and experience with Confidential Computing and AWS Nitro Enclave
Experience with Secure Development Lifecycle methodologies and Agile-based methodologies
Understanding of some Cryptographic APIs and Tools
Understanding of security protocols such as SSL/TLS and KMIP
Understanding of and experience with cryptography fundamentals and digital certificates
Understanding of and experience with deploying and managing 3rd party External Key Management Systems such as CipherTrust Manager and Fortanix on AWS
Knowledge of application design and development
Verbal and written communication skills, problem-solving skills, attention to detail and interpersonal skills, along with the ability to present complex security subjects to internal work groups and projects
Ability to work independently and manage one's time with minimal direction from supervisor
The ability to work effectively with other functional areas and understand the operational and cultural issues relevant to achieving superior results
Must be flexible and able to manage multiple tasks and priorities on very tight deadlines
Be a self-motivated and results-oriented individual with attention to driving aggressive project timelines and schedules
Ability to work independently and in collaboration with others to achieve a high level of success
Sound interpersonal and collaboration skills, with the ability to develop, maintain and foster constructive relationships with others
Design secure cloud architectures that use AWS Key Management Service to protect sensitive data at rest and in transit across multiple enterprise platforms and applications.
Develop reusable security patterns that define how AWS Key Management Service is integrated with application workloads, databases, storage, and messaging components to ensure consistent cryptographic controls.
Implement detailed key management strategies that cover key rotation, separation of duties, and lifecycle management to reduce operational risk and support regulatory expectations.
Coordinate with application and platform teams to embed AWS Key Management Service usage into deployment pipelines and configuration baselines, enabling secure-by-design delivery practices.
Review solution designs for cryptographic correctness by validating algorithms, key strengths, and usage modes so that data confidentiality and integrity requirements are fully met.
Author comprehensive security design documents that describe encryption models, key usage boundaries, and integration approaches in language understandable to technical and non-technical stakeholders.
Conduct threat assessments for new and existing solutions by analyzing attack paths that target keys, credentials, and certificates and recommending mitigations that rely on secure key management and monitoring.
Guide teams on secure secrets handling practices by replacing hard-coded credentials and manual processes with automated solutions that leverage AWS Key Management Service and centralized secrets stores.
Define monitoring and alerting requirements for key management systems by specifying