Security Architect (InfoSec)
Job Description – Security Architect
At Bureau, we take care of risks so our clients take care of their business. Bureau is a no-code Identity Decisioning Platform that enables seamless customer onboarding and fraud-free customer interactions. Our no-code identity orchestration platform protects and accelerates onboarding, verification, and transactions — without introducing friction for the end users. Our innovative technologies and data-driven approach enable our clients to mitigate risks, enhance security, and build trust with their customers. We prefer trustworthiness over creditworthiness!
What to expect from the role?
As a Security Architect in Bureau, you will play a crucial role in ensuring the security, integrity, and confidentiality of our AI systems and data. You will work closely with our development and operations teams to design and implement secure architectures, frameworks, and processes for our solutions. Your expertise in security best practices and understanding of AI technologies will be essential in protecting our systems from potential threats and vulnerabilities.
How will your day look like at Bureau?
Conduct risk assessments and threat modelling to identify potential security vulnerabilities and propose mitigation strategies
Manage the development, deployment, and execution of controls and defences to ensure the security and risk mitigation of company infrastructure technology and information systems.
Establish and implement operational policies and appropriate standards and criteria for hardware, software, email and web firewalls, access verification, and encryption requirements.
Ensure compliance with relevant industry regulations and data protection standards, such as ISO27001, SOC2, GDPR, CCPA or other applicable requirements
Design and implement secure architectures ensuring the confidentiality, integrity, and availability of data and services
Work closely with the development team to integrate security controls into the design and development of solutions
Review application architectures for security vulnerabilities and threat modelling
Implementation of threat and vulnerability management intelligence tools and platform
Conduct security awareness programs and training sessions for the AI tech team to promote a security-conscious culture
Provide guidance and support to developers, data scientists, and other team members on security best practices and secure coding techniques
What does it take to be in this role?
Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
Proven experience as a Security Architect or a similar role
Strong controls framework understanding and experience and advanced knowledge of application security assessments.
Experience in vulnerability management, threat assessments, or a multi-discipline security engineer role
Operational experience in Security Operations Centres or Incident Response SIEM tools
Strong knowledge of security principles, protocols, and technologies
Understanding of relevant regulations and compliance requirements.
Experience in threat modelling, risk assessment, and vulnerability management.
Excellent problem-solving skills and the ability to analyse complex systems.
Strong communication and collaboration skills to work effectively with cross-functional teams.
Relevant certifications such as CISSP, CISM, or CCSP are desirable.