Solution Architect CyberSecurity

Job DescriptionJob Description

Areas of Aptitude:

1. Strong communication and interpersonal skills.
2. Strategic thinking, problem-solving, and decision-making.
3. Proactive engagement with all tasks, and excellent time management.
4. Ability to collaborate with and guide technical teams through complex projects.
5. Ability to embed in Scrum teams including daily standups, ceremonies, and provide architectural direction.

Top Skills:

1. Architect solutions and create detailed Solution Architecture Documents (covering the Experience areas listed below).
2. Create comparison matrices, enterprise patterns, strategy documents, cloud blueprints, technical specifications, and other architecture artifacts.
3. Application, Cloud, Data and Cyber architecture.
4. Evaluate and recommend the use of specific tools, platforms, and frameworks that meet the project's needs.
5. Partner with portfolio teams and other IT groups, create and present architectural guidance, incorporate feedback.
6. Create designs that meet performance, security, scalability, and other non-functional requirements.
7. Architect and design for best practices such as least privilege and data protection.
8. Promote modular design to enable independent development and testing of components and modules.
9. Be able to manually audit code via spot reviews, lead code quality reviews including creating reports, and create metrics to support automated code review.
10. Control costs by creating high-level quick estimates of various architecture and design options.
11. Review high availability and disaster recovery architecture and remediate, as necessary.
12. Design and implement scalable, secure, and high-performing systems.

Qualifications:

1. Bachelor's or Master's degree in Computer Science, Information Technology, or a related field.
2. 10+ years of IT experience, with at least 3 years as a developer and 3 years as a solution architect.
3. AWS Certified Solution Architect certification strongly .
4. TOGAF certification is a plus.

Experience:

1. Application

1. Programming such as Java, Python, .NET, or similar. Java .
2. JavaScript frameworks such as Angular, React for building user interfaces.
3. RESTful APIs, GraphQL, and SOAP for interaction between applications and services.
4. Event streaming and messaging brokers like Apache Kafka, AWS Kinesis, AWS SNS and SQS, or ActiveMQ.
5. Batch Processing (e.g. ETL and Spring Batch)
6. Microservices architecture
7. Serverless including AWS Lambda
8. Containerization including Docker and Kubernetes
9. Design patterns like MVC (Model-View-Controller), Strangler and SOA (Service-Oriented Architecture)
10. API gateway and management tools like Apigee and Amazon API Gateway
11. Domain Driven Design
12. Integration platforms like Spring Integration for connecting diverse systems.
13. Mobile app development frameworks (e.g., Ionic, Capacitor, React , Flutter, or Swift)
14. Workflow and process engines such as AWS Step Functions, Camunda, Flowable, and Pega.
15. Document management systems like Hyland Alfresco.
16. Content management platforms like Adobe AEM and general eCommerce experience.
17. Testing tools like Selenium, JUnit, or TestNG for creating automated unit, integration, and performance tests.

1. Cloud and DevOps

1. Architecture and detailed design of solutions using cloud platforms like AWS, Microsoft Azure, or Google Cloud.
2. DevOps including CI/CD pipelines (e.g., GitHub Actions)
3. Infrastructure as Code (e.g. Terraform and OpenTofu)

1. Data

1. SQL databases such as Oracle, PostgreSQL, or Microsoft SQL Server for structured data storage.
2. NoSQL databases like DynamoDB for handling unstructured or semi-structured data.
3. Normalizing data models and understand the trade-offs of denormalization in large-scale systems.
4. Enterprise data architecture including operational data stores, data replication, data lakes and data warehousing.

1. Cyber and Privacy

1. Security frameworks like ISO 27001, NIST, or GDPR compliance.
2. Compliance standards like CCPA, GDPR particularly when dealing with sensitive business data.
3. Secure coding practices and principles such as OWASP, encryption techniques, and management.
4. Authentication protocols (OAuth, JWT) and management solutions (e.g. Azure AD, ForgeRock, SailPoint).