Director, Information Security Architecture
ALASKA AIRLINES' STORY
Alaska Airlines is one of the most respected names in aviation and flies throughout its namesake state and the Lower 48, as well as to Hawaii, Canada, Mexico, Costa Rica and Cuba. Our roots date to 1932 and are symbolized by the Alaska Native painted on the tails of our aircraft. Guided by what we call the "Alaska Spirit", we pride ourselves on providing a lifeline to remote communities while delivering renowned service to everyone we fly. This commitment has brought us national and international recognition. We've been honored with a variety of awards by readers of Travel + Leisure, Conde Nast Traveler, USA Today and others. Alaska, with Virgin America, is the premier airline for people on the West Coast, and together with its sister carrier Horizon Air, flies to more than 118 destinations. The two airlines are subsidiaries of Alaska Air Group Inc. (NYSE:ALK) with annual revenues exceeding $7 billion.
The Senior Cloud Information Security Architect ensures the security of enterprise IT assets and information. This role is accountable for defining cloud security policy, analyzing and developing requirements, assessing the security of systems, and driving the overall cloud security posture of Alaska Airlines.
Scope & Complexity
- This position supports cloud security activities for Alaska Air Group (AAG) and its subsidiaries.
- This position requires the application of interpersonal skills with the ability to foster and grow business relationships, and to communicate at all levels of the organization. It requires a deep technical, architectural understanding of all facets of information security, including:
- Application Development Security Life Cycle,
- Threat Modeling,
- Infrastructure Security Controls,
- Compliance (e.g. PCI, SOX, NIST, ISO),
- Identity Management,
- Prevalent cloud services, such as AWS and Azure.
- Drives the definition and implementation of the cloud security model and architecture standards for AAG.
- Integrates security requirements into technology lifecycle management and contributes to multiple large, complex application projects with cross-functional teams and business users.
- Serves as the security expert in providing solution designs and technical consulting services in support of maintaining compliance with all applicable requirements including industry best practice, internal policy, the Payment Card Industry Data Security Standard, state data privacy laws, and ISO 27001 controls.
- Guides Security and Infrastructure Engineers through the research and advocacy of new technologies, architectures, and products that support security requirements for the enterprise and its customers, business partners, and vendors.
- Develops requirements, along with business, application development, and infrastructure partners, to drive the engineering processes that produce secure solutions.
- Is a thought leader who effectively communicates with and influences peers and leadership regarding optimum architectural approaches to meet business requirements, while managing security risk and maintaining compliance.
- Analyzes and recommends strategy and direction to mitigate security risks within the organization.
- Acts as a change agent through hands-on technical leadership.
- Demonstrates creative thinking and innovation with pragmatic outcomes that build constructive business relationships and gain the trust of others.
- Mentors, coaches, and trains members of the Information Security team, the broader Information Technology Services team, and other technologists throughout AAG.
- Drives continuous process and technology improvements.
- A minimum of 10 years of IT experience and 5 years of Information Security experience.
- A minimum of 3 years of experience (5 years is preferred), serving in a Security Architect position.
- A minimum of 3 years of experience supporting a technically diverse Cardholder Data Environment (CDE). Cloud Security experience (AWS and Azure), including both IaaS and PaaS models.
- Working knowledge of one or more security and IT Architecture standards, including COBIT, TOGAF, Open Security Architecture, or Service Oriented Modeling Framework.
- Demonstrated experience in the following areas: cloud, firewalls, intrusion detection & prevention, perimeter appliances, domain segmentation, filtering (virus, spam, etc.), network segmentation, authentication, enterprise portals, portal based access managers, database encryption, data encryption, host intrusion detection, enterprise directories (LDAP and Active Directory), and meta-directories.
- Demonstrated knowledge of Service Oriented Architectures and Web Services standards as they relate to an enterprise security model.
- Minimum age of 18
- Must be authorized to work in the U.S.
- Industry certification in security (e.g. CISA, CISSP, and/or GIAC).
- Strong PCI DSS knowledge and experience.
- Ability to lead, build and develop team of senior IT professionals through formal and informal reporting relationships.
- Proven experience in developing and executing plans, meeting deadlines, and operating under tight time constraints; monitoring trends in information technology, identity & access, and security that could have an impact on the security of the organization's products, processes, infrastructure, or customers.
- Demonstrated ability to influence and clearly communicate across vast sections of IT and the business, including company leaders.
- Demonstrated experience in making articulate and effective verbal and written presentations to different audiences.
- Excellent organizational and leadership skills.
- Demonstrated business acumen.
- Excellent clear and concise verbal and written communication skills.
Job-Specific Leadership Expectations
- Embody our values to own safety, do the right thing, be kind-hearted, deliver performance, and be remarkable.
- High school diploma or equivalent is required.
- Bachelor of Science degree in computer science, systems engineering, information technology, management information systems, a related discipline, is preferred.
The location for this position is in Seattle, Washington
OUR CULTURE - ALASKA AIRLINES
For eligible employees, our company offers a unique total rewards package that few companies can match, including insurance coverage for medical, dental and vision care, 401(k) retirement savings plans, monthly and annual incentive bonus plans, time off and a generous employee travel program. Each day, we are guided by our core values of Professionalism, Caring, Resourcefulness, Integrity and Alaska Spirit at work and in our communities. Alaska Airlines also fosters a diverse and inclusive culture and is an Equal Opportunity Employer.
Please apply on or before: May 6, 2017
A few helpful tips when applying -
~Before applying, we recommend that you clear your browsing history including your temporary internet files and disable pop-up blockers. You can accomplish this by going to the Tools tab.
~Gather your paperwork, including your work history (we require 10 years of work history to be added to the application), resume etc. - before you apply to the position.
~ If you would like to include a cover letter, add it as your first page to your resume. Your resume is part of your application and unique to each position you apply to..
~Once in the application, be sure to use the links provided to return to the previous page if needed. The back button is not compatible with our system.