Sr. Security Architect
Who We Are:
HBC is a diversified retailer focused on driving the performance of high-quality stores and their omni-channel platforms and unlocking the value of real estate holdings. Founded in 1670, HBC is the oldest company in North America. HBC’s portfolio today includes formats ranging from luxury to premium department stores to off price fashion shopping destinations, with 350 stores and more than 45,000 employees around the world. HBC’s leading businesses across North America include Saks Fifth Avenue, Hudson’s Bay, and Saks OFF 5TH.
HBC also has significant investments in joint ventures. It has partnered with Simon Property Group Inc. in the HBS Global Properties Joint Venture, which owns properties in the United States. In Canada, it has partnered with RioCan Real Estate Investment Trust in the RioCan-HBC Joint Venture. HBC has partnered with SIGNA Retail Holdings for real estate and retail joint ventures in Europe.
A truly global corporate citizen, HBC is committed to responsible business practices to bring about positive change, and we work hard to shape a sustainable future for people and the planet. Our philanthropic initiatives help create healthy families, strong communities, and sport excellence in the cities and countries in which we operate around the world, while striving to create innovative programs and resources that provide flexibility for work-life balance in order to maintain a positive working enviroment.
What This Position Is All About:
The Senior Security Architect will play a crucial role in influencing strategy and direction of technology solutions to address the current and emerging information security risks and compliance requirements of the company. The Senior Security Architect will be responsible for improving the company’s information security posture by understanding cyber risks, determining security requirements, developing roadmaps, maintaining security standards, and mentoring other IT teams in the identification and remediation of same. The Senior Security Architect will have experience in planning and implementation of secure applications in a variety of development enviroments (e.g. traditional, rapid development and deployment, continuous integration, etc…) for associate, vendor and customer facing applications.
Who You Are:
- 8+ years of Information Security experience in Engineering and/or Architeture focused on deployment and maintence enterprise level systems and Cyber Security tools.
- Strong knowledge of security within Public Cloud enviornments such as AWS, Azure, and GCP.
- Strong Knowledge in architecting and building solutions and processes around Identity & Access Management.
- Strong knowledge and experience in key security and data requirements, and solutions, specifically, PII, PCI, Data retention, vulnerability threats, encryption, tokenization of critical data, etc.
- Experience designing and implementing security solutions such as Firewalls, IPS/IDS, NAC, etc.
- An understanding of how business strategy, risk, regulation, and technical constraints influence organizational responses to cyber security.
- An understanding of security methodologies, best practice and industry standards. Experience in risk & regulatory frameworks and standards such as NIST 800, ISO 27001, ISF SOGP, PCI-DSS, CCPA, GDPR.
- A sound understanding of how to model threats & risks as well as the controls necessary to mitigate them, on both an organizational and technical level.
- Experience of relevant technologies (such as Networks, LANs and WANs, Servers & Hosting, Virtualization, Applications, etc.) and how to securely implement them.
- Cyber Security related qualification(s) such as CISSP, CISM, CCSP, ISO Lead Auditor, CEH, GIAC etc desired
- Excellent stakeholder engagement skills. Communicate, evangelise and promote Information Security at all levels (both technical and non-technical stakeholders)
- Strong ability to create and interpret Network and Dataflow diagrams
- Strong understanding of Secure SDLC within different software development methodologies such as waterfall and agile.
- Strong Time management and multitasking ability
- Strong documentation with attention to details
As the Senior Security Architect, You Will:
- Design detailed solution specifications
- Create technical document to describe the implementation
- Design systems using reactive architecture, streaming technologies and kubernetes
- Use cloud services to design for high availability, security, and auto scalability.
- Ensure development adheres to HBC development and configuration standards.
- Perform unit testing and work with project teams to resolve defects discovered during agile springs and/or SDLC process.
- Coach other team members including code review
- Lead or participate in solution design and architecture review
- Instill best practices for agile and interactive software delivery in cloud native enviroment
- Conduct performance unit testing
How Often You May Travel:
Your Life and Career at HBC:
- Be part of a world-class team; work with an adventurous spirit; think and act like an owner- operator!
- Exposure to rewarding career advancement opportunities, from retail to supply chain, to digital or corporate.
- A culture that promotes a healthy, fulfilling work/life balance
- Benefits package for all eligible full-time employees (including medical, vision and dental).
- An amazing employee discounts
Thank you for your interest with HBC. We look forward to reviewing your application.
HBC provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, HBC complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
HBC welcomes all applicants for this position. Should you be individually selected to participate in an assessment or selection process, accommodations are available upon request in relation to the materials or processes to be used.