Security Architect (871)
Who We Are:
HBC is a diversified retailer focused on driving the performance of high-quality stores and their Omni-channel platforms, and unlocking the value of real estate holdings. Founded in 1670, HBC is the longest continually operating company in North America. HBC’s portfolio today includes formats ranging from luxury to premium department stores to off price fashion shopping destinations, with 239 stores and more than 22,000 employees around the world. HBC’s leading businesses across North America include Saks Fifth Avenue, Hudson’s Bay, and Saks OFF 5TH.
HBC also has significant investments in joint ventures. It has partnered with Simon Property Group Inc. in the HBS Global Properties Joint Venture, which owns properties in the United States. In Canada, it has partnered with RioCan Real Estate Investment Trust in the RioCan-HBC Joint Venture, and in Europe, it has partnered with SIGNA Retail Holdings for real estate and retail joint ventures.
A truly global corporate citizen, HBC is committed to responsible business practices to bring about positive change, and we work hard to shape a sustainable future for people and the planet. Our philanthropic initiatives help create healthy families, strong communities, and sport excellence in the cities and countries in which we operate around the world, while striving to create innovative programs and resources that provide flexibility for work-life balance in order to maintain a positive working environment
What This Position Is All About:
The Security Architect will play a crucial role in influencing strategy and direction of technology solutions to address the current and emerging information security risks and compliance requirements of the company.
The Security Architect will be responsible for improving the company’s information security posture by understanding cyber risks, determining security requirements, developing roadmaps, maintaining security standards, and mentoring other IT teams in the identification and remediation of same.
The Security Architect will have experience in planning and implementation of secure applications in a variety of development environments (e.g. traditional, rapid development and deployment, continuous integration, etc…) for associate, vendor and customer facing applications.
Who You Are:
- You get things done by engaging in high level teamwork and flexing your interpersonal skills
You Also Have:
- 5+ years of Information Security experience in Engineering and/or Architeture focused on deployment and maintence enterprise level systems and Cyber Security tools.
- Strong knowledge of security within Public Cloud enviornments such as AWS, Azure, and GCP.
- Strong knowledge and experience in key security and data requirements, and solutions, specifically, PII, PCI, Data retention, vulnerability threats, encryption, tokenization of critical data, etc.
- Experience designing and implementing security solutions.
- Experience working with architects and development teams for a mission of secure design and data integrity preservation among users, apps and infrastructure.
- Experience in designing authentication and authorization security requirements that adhere to credential storage, privilege management and authenticity standards; support role- and attribute-based access control.
- An understanding of how business strategy, risk, regulation, and technical constraints influence organisational responses to cyber security.
- An understanding of security methodologies, best practice and industry standards. Experience in risk & regulatory frameworks and standards such as NIST 800, ISO 27001, ISF SOGP, PCI-DSS, CCPA, GDPR
- A sound understanding of how to model threats & risks as well as the controls necessary to mitigate them, on both an organisational and technical level.
- Experience of relevant technologies (such as Networks, LANs and WANs, Servers & Hosting, Virtualisation, Applications, Identity Management etc.) and how to securely implement them.
- Cyber Security related qualification(s) such as CISSP, CISM, CCSP, ISO Lead Auditor, CEH, GIAC etc
- Excellent stakeholder engagement skills. Communicate, evangelise and promote Information Security at all levels (both technical and non-technical stakeholders)
- Strong ability to create and interpret Network and Dataflow diagrams
Strong understanding of Secure SDLC within different software development methodologies such as waterfall and agile.
Thank you for your interest with HBC. We look forward to reviewing your application.
HBC provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, HBC complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
HBC welcomes all applicants for this position. Should you be individually selected to participate in an assessment or selection process, accommodations are available upon request in relation to the materials or processes to be used.